Is the NSA Warning to Microsoft Users Really as Bad as it Sounds?

"It is likely only a matter of time before remote exploitation tools are widely available for this vulnerability." So wrote the normally circumspect NSA in their advisory on the so-called BlueKeep vulnerability. Really? Only a matter of time? Hmm, it seems like the NSA knows something they're not telling us about. Other cybersecurity professionals tend … Continue reading Is the NSA Warning to Microsoft Users Really as Bad as it Sounds?

The Future of Brain Hacking

For a couple of years, I worked as an editor for scientific research papers. Most of the papers I worked on were from China, Japan, and South Korea. There were a preponderance of papers on cancer and other medical research. However, the Chinese research papers were largely focused on improvements in solar panels. Most of … Continue reading The Future of Brain Hacking

Clickjacking Ramps Up Tactics

Clickjacking is based on a simple principle: Make a victim click on something that is not what it appears to be. A simple example would be a Facebook like button that does something other than show your Facebook friends that you found something you liked. Why would someone want to make people do this? We'll … Continue reading Clickjacking Ramps Up Tactics

How I could have Stolen and Used Social Security Numbers

This summer I needed to have some questions answered at the local Social Security office. I was greeted by a guard who told me I should use the automated check in station to make an appointment. This was an ATM looking device that asked for my personal information and the reason for my visit. I … Continue reading How I could have Stolen and Used Social Security Numbers

Did the U.S. Just Declare Cyberwar Against Iran?

There are some surprising aspects to the recent U.S. cyberattack on an Iranian database, but the fact that it occurred is not one of them. The attack, at least on the surface, was straightforward. U.S. intelligence somehow got a foothold on a network that is associated with Iran's Revolutionary Guard. The group associated with this … Continue reading Did the U.S. Just Declare Cyberwar Against Iran?

China is Now Number 1… in APT Attacks

If you are an IT staff member or work in upper management at a large company or organization, no one needs to tell you what an APT attack is. That's because you are likely dealing with them on a daily basis. If you are not dealing with them, it's probably because you simply haven't discovered … Continue reading China is Now Number 1… in APT Attacks

Chinese Government Hackers Target U.S. Utilities by Impersonating Engineer Licensing Agency

Before speculating on why the Chinese government is targeting U.S. utilities, I will give a brief explanation of how this hack is implemented. Basically, it exploits a legitimate licensing agency, the US National Council of Examiners for Engineering and Surveying (NCEES), to penetrate utility companies. We can expect other legitimate organizations to be exploited in … Continue reading Chinese Government Hackers Target U.S. Utilities by Impersonating Engineer Licensing Agency

Facebook Messenger’s “It’s you?” Virus Re-Emerges as a Major Threat

I recently received a notification from a family member through Facebook Messenger. It was a simple message which showed a YouTube logo. The message said, "It's you?", and nothing more. The link, on a PC, went through Facebook to the supposed YouTube video. On my Android device, it just showed a link to garotoo.xyz above … Continue reading Facebook Messenger’s “It’s you?” Virus Re-Emerges as a Major Threat