IF YOU HAVE BEEN HACKED, DON'T READ THE FOLLOWING. IT IS TOO LATE
Should you be Protected from from hackers and spies?
- Do you really know how to secure your phones or computers?
- Why should you worry about your personal information?
- You only use those apps for “Call Ahead Seating”, so who really cares ?
- Don’t use public WiFi, Really?
- Use Tor, what is that?
Here is an interesting answer from ZDNet that can help you protect yourself from hackers as well as companies.
Cyber Attack on a Major Internet Tool
DNS is an important tool that identifies websites on the internet and without it, many things won’t work
So what does this mean for a hacker? If you are trying to stop someone from going to a website, then this would be a great way to do it. Taking down DNS simply blocks a user from entering a site and then automatically taking you there. This looks like the internet is down when it is really up.
So it just happened to a major provider.
NS1, a domain name server provider and networking giant, was repeatedly hit throughout Monday May 16th affecting millions across the US, Europe, and Asia, but recovered towards the end of the working day.
“We had performance degradation in several markets with the US and Europe seeing the greatest impact”
Read the records as this happened
Hackers showed how to break into the US power grid
Recently, a power company in the US hired a some white hat hackers, known as RedTeam Security to test its defenses. They were followed them around for 3 days, as they attempted to break into buildings and hack into its network, with the goal of gaining full access to the grid.
Read More at TECH Insider…
FEMAC Services > FEMAC Cyber Crime Center
A National Threat
Cybercrime is one of the greatest threats facing our country and has enormous implications or our national security, economic prosperity, and public safety. The challenge facing state, local, tribal, and territorial (SLTT) law enforcement partners includes investigating a broad variety of cybercrimes and cyberthreats by criminals, hackers, terrorists, and state actors. To meet this challenge, it is vital that SLTT law enforcement leaders ensure that appropriate agency personnel receive cybercrime training. The following examples of no-cost federally funded cybercrime trainings are available for agency personnel to build a basic understanding of cybercrime and to explore advanced considerations.
“Cyberthreats are among the gravest national
security dangers to the United States.”
—White House Press Release
Opening Statement for Bruce Sewell
Feb. 29, 2016:
Tomorrow you can expect an opening statement from the Vice President and General Counsel for Apple, Bruce Sewell
“Do we want to put a limit on the technology that protects our data, and therefore our privacy and our safety, in the face of increasingly sophisticated cyber attacks? Should the FBI be allowed to stop Apple, or any company, from offering the American people the safest and most secure product it can make?”
Here is a copy of what he will say READ HERE
You are a winner if your password is 12345 or 123abc
Are You Safe?
Before you open an unknown attachment or go to a potential bad website, check it out
VirusTotal, a subsidiary of Google, is a free online service.
It analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware.
“Virus Total is a fantastic tool. I use it to make sure my exploits are obfuscated enough to bypass antivirus.”
FEMAC-Chief Security Officer
Go To VirusTotal
Hackers Stole Social Security Numbers From 21.5 million People In Recent Data Breach, U.S. Says
|July 2015 – Data breaches at the U.S. government’s personnel management agency by hackers, with suspicions centering on China, involves millions more people than previously estimated, U.S. officials said on Thursday.
The Office of Personnel Management (OPM) said data stolen from its computer networks included Social Security numbers and other sensitive information on 21.5 million people who have undergone background checks for security clearances.
That is in addition to data on about 4.2 million current and former federal workers that was stolen in what the OPM called a “separate but related” hacking incident. Because many people were affected by both hacks, a total of 22.1 million people were affected, or almost 7 percent of the U.S. population.
The personal data of an estimated 18 million current, former and prospective federal employees were affected by a cyber breach at the Office of Personnel Management – more than four times the 4.2 million the agency has publicly acknowledged. The number is expected to grow, according to US officials briefed on the investigation.
|From the desk of Kyle Gonzalez, Director of Data Security:
Cyber-attacks are becoming much more prevalent against small businesses. What is the reason for this? With big name hacks targeting larger corporations, those corporation in turn have spent a lot of money beefing up their IT Security framework. Smaller businesses however, tend to have a much different mindset. A majority of small businesses tend to have more of a reactive approach rather than a proactive approach. A big reason for this is costs. Up-front consulting fees tend to range in the tens-of-thousands of dollars. Between that and the costs of fixing security holes found by the consultants, most small business owners tend to bite the cost only after a cyber-attack has occurred. Unfortunately, this knee jerk reaction can end up costing a company more than a few thousand dollars. Often, reputations are on the line as well. Breaches must be reported to their customer base, and can often lead to loss in confidence from their clients. This can translate into a much deeper loss, as customers start looking for more secure solutions.
Another shift occurring in the information security world, is with whom the hackers are targeting. In previous years, top-level executives have always been the top targets for hackers. Compromising an executive’s email or computer can reveal interesting facts that the company would much rather keep under wraps. However, these executives often have very limited security permissions, which can make it difficult to pivot throughout the rest of the network. For this reason, system administrators are often finding themselves in the cross hairs. More often than not, these administrators hold credentials that can unlock much more than just a few secret emails. A sysadmin’s account can unlock further access into authentication servers, backend databases, or even access management systems or security systems. Compromising one of these accounts can lead to damaging financial or proprietary losses.
So what can we take away from this?
Most cyber-attacks start with phishing, which is a form of social engineering. Anyone can be a target, and the hackers understand that the weakest link in any secure environment, is the employee. Take some time to learn about how to prevent becoming a victim of social engineering, and you can help to greatly increase the security of any network that you have access to.
|March 16, 2015
Sophisticated Actors Involved In Over Half Of Reported Attacks On US Critical Infrastructure
Of the 245 incidents reported to Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) in Fiscal Year 2014, roughly 55 percent involved an APT, a network attack in which an unauthorized person gains access to a network and stays there undetected for a long period of time.
|December 1, 2014
Symantec exposes complex cyber-spying program.
Read how this works
|November 8, 2014
Has your credit card been breached by using it at Home Depot? Read below
Notice to customers from Home Depot
|Thursday, October 9, 2014
Kmart detected their payment data system had been breached.
Read the statement here
|Learn about Identity from the FTC|