A Primer on BitCoin

by

Editors Note: One day, we found ourselves discussing the security of bitcoin, only to realize that many readers may not truly understand the digital currency. Luckily, a team member’s father, Eoin Meehan, is well versed in the subject and has submitted a guest blog to help everyone understand this popular form of cryptocurrency. Bitcoin is a cryptocurrency, reportedly designed by Satoshi Nakamoto in 2008. To fully understand how it works we must look at how “ordinary” currencies work. To quote Sheldon Cooper “It was a warm, summer’s evening in ancient Greece …” Well, no, we don’t need to go back […]

Continue Reading »

Sony’s PSN Network Haymaker’d by DDoS Attack; Exec’s Plane Grounded Over Bomb Threat

by

Sony had a rough weekend. And not just Sony; last weekend wasn’t the best time to be a gamer. Here’s the skinny… Early yesterday morning, Sony’s PlayStation Network (PSN for short) was hit with a massive Distributed Denial of Service (DDoS) attack, causing it to crash temporarily and hamper online play for many PlayStation gamers. (Source: Google Images) Sony Online Entertainment President John Smedley quickly took to Twitter to let users know about the attack before tweeting that he’d be offline for three hours as he flew back to San Diego from Dallas on AA Flight #362. Well, not long […]

Continue Reading »

ZeroLocker

by

Recently in the news we saw FireEye and Fox-IT provide the ability to decrypt files encrypted by older crpytolocker variants. They used the command and control servers seized by the FBI during operation Tovar. Since they have access to those RSA keys they essentially have the password required for every single file encrypted by a Cryptolocker variant that used Evgeniy Bogachev’s botnet. That is a major portion of the traditional​ red GUI cryptolocker that became famous. Any previous victims from these variants that still have encrypted files left on their machine should be able to decrypt them with ease. All they have to do is […]

Continue Reading »

8 Tips to Stay Safe Online

by

Yesterday, the New York Times published an exclusive story on what many are stating to be the largest series of hacks ever, all revealed by Hold Security in their latest report.  With a report of over 1.2 billion unique username-password combinations and over 500 million e-mail addressed amassed by a Russian hacker group dubbed CyberVol (vol is Russian for thief).  While the reactions among the security industry are mixed, with some researchers raising a few questions of the masterwork behind the hack, the story does bring to the public’s attention the necessity of strong, personal, online security policies for all […]

Continue Reading »

A Look at PC Gamer Security

by

In the new study on security and PC gamers, Webroot found that many gamers sacrifice their protection to maximize system performance and leave themselves vulnerable to phishing attacks and gaming-focused malware. The study also provides tips for protecting gaming credentials and safeguarding against phishing attacks. Webroot PC Gamer Security Study Findings: 47% experienced an online attack with 55% of the attacks impacting system performance. 35% of PC gamers choose not to use security or rely on free clean-up tools. “Does not slow down system performance” ranked among the most important security program characteristic to gamers and Webroot has the first […]

Continue Reading »

Critroni/Onion – Newest Addition to Encrypting Ransomware

by

In my last blog post about a week ago, I talked about how Cryptolocker and the like are not dead and we will continue to see more of them in action. It’s a successful “business model” and I don’t see it going away anytime soon. Not even a few days after my post a new encrypting ransomware emerged. This one even targets Russians! Presenting Critroni (aka. Onion)   This newest edition of encrypting ransomware uses the same tactics of contemporary variants including: paying through anonymous tor, using Bitcoin as the currency, changing the background, dropping instructions in common directories on how to pay the scam. […]

Continue Reading »

Cryptolocker is not dead

by

Recently in the news the FBI filed a status report updating on the court-authorized measures to neutralize GameOver Zeus and Cryptolocker. While the report states that “all or nearly all” of the active computers infected with GameOver Zeus have been liberated from the criminals’ control, they also stated that Cryptolocker is “effectively non-functional and unable to encrypt newly infected computers.” Their reasoning for this is that Cryptolocker has been neutralized by the disruption and cannot communicate with the command and control servers to receive instructions or send RSA keys after encryption. Read more here While seizing the majority of the […]

Continue Reading »

New Study Reveals Disparities Between Corporate Mobile Security Policies and BYOD Practice

by

In the new BYOD Security Report conducted by Webroot through first-of-its-kind research, Webroot examined the use and security of personal mobile devices in the work environment, looking at the prevalence of employee-owned devices.  The initial survey, conducted in late 2013, explored the prevalence of employee-owned devices, how they are being secured, and employee concerns regarding company-mandated security programs. The second survey, conducted in March 2014, looked at how IT managers view the risk of employee-owned devices, the prevalence of formal mobile security policies, and the extent to which employee input is included in developing BYOD policies. Pulling from that report […]

Continue Reading »

A successful Gartner Summit for Webroot

by

Webroot, the market leader in cloud-based, real-time Internet threat detection, recently returned from the 20th annual Gartner Security and Risk Management Summit in National Harbor, Maryland.  Attended by many of the world’s top business and IT professionals in industries ranging from finance to information technology to government, the focus of this year’s conference was enablement of an organization to move forward towards its objectives, while ensuring security and protection.  The show’s theme at this year’s conference, “Smart Risk: Balancing Security and Opportunity”, summarized the challenges that many large companies are experiencing today, as they work to ensure the safeguarding of […]

Continue Reading »

A peek inside the online romance scam.

by

Online dating can be rough, and no matter how many safeguards are in place in the multiple legitimate dating websites out there, the scammers are getting around the blocks and still luring in potential victims.  While the reports of these types of scams are out there (even with copy and paste examples of the e-mails used), people still fall for the scams every day.  In this particular case, it was my profile on eHarmony that was targeted, and this is my recount of it. It started with a potential match; a profile with a collection of tasteful photos of a […]

Continue Reading »