Are We Still Waiting for Criminals to use AI to Attack?

I think you know the answer to that: United Nations Office on Drugs and Crime has found multiple areas in the world where there is a confluence of criminal gangs with drug trafficking sales, online gambling, and cyber-enabled attacks. And guess what these criminal gangs into drugs, online gambling, and cyberattacks are using to make … Read more

IT Governance May not be Sexy or Exciting, but Makes IT Easier Overall

How IT Governance Enhances Cybersecurity IT governance plays a crucial role in strengthening cybersecurity within organizations by ensuring that cybersecurity strategies are aligned with overall business objectives and risk appetites. This alignment is essential for effectively managing cybersecurity risks and ensuring that security measures support the organization’s goals.   (this IT governance explanation comes from a … Read more

3 Ongoing cybersecurity Issues “Interesting”

 Ivanti Legacy Cloud appliance has a bad vulnerability (remove/ upgrade ASAP) Scammers are posing as Apple care services in github and Google ads (Malware Bytes article)which are fake. Some windows systems were left dangerously unpatched for some time (krebsonsecurity article) Issue1:   Unfortunately the obsolete Ivanti appliances must be replaced ASAP – as this is the … Read more

What is AI ethics?

How do we make decisions? When we hire,  or when we decide what website to read for more information. Is it important to know how we made these decisions or what the results  were? Should a bank explain why they denied a loan? How about healthcare coverage? AI helps in this decision as well? Should … Read more

After Ransomware Hit Should You Pay Up?

I found this article at Technewsworld : Experts Weigh In on Refusing or Paying After a Ransomware Attack So Ransomware happened… (let’s not worry how or why for now). Now what do you do?  Contact your lawyer? Cyberinsurance? I supposed you do want to know how it happened to make sure you can at least remove … Read more

Governance and Update Policies

When an update is necessary (as it is every month) “Patch Tuesday” means Microsoft combines multiple necessary vulnerability updates into one convenient date (2nd Tuesday). For example July it was on the 9th. One of my favorite sites shows the significance of this almost every month: Krebsonsecurity July Edition. What can one do to prevent … Read more

Better password policy: Complex? or longer passwords?

What is the better password policy? A longer password like NIST 800-53 says?   Key NIST password guidelines Minimum length of 8 characters and maximum length of at least 64 characters if chosen by the user. Allow usage of ASCII characters (including space) and Unicode characters. Check prospective passwords against a list that contains values … Read more

Fake Email? or Phishing Email?

I got this email from Cathy Clarke… It claimed to be able to help me get a tax refund due to the SETC and ERC federal programs because of the pandemic   Here is text of email: Hi <insert-name>, Just wanted to check if you’ve submitted your tax refund claim yet? SETC and ERC are … Read more

Patch Tuesday: Zero-day Vulnerability Fixes

Yes it was Patch Tuesday July9th (yesterday). This means Krebsonsecurity had a post describing all the action: The first Microsoft zero-day this month is CVE-2024-38080, a bug in the Windows Hyper-V component that affects Windows 11 and Windows Server 2022 systems. CVE-2024-38080 allows an attacker to increase their account privileges on a Windows machine. Although … Read more

Risk Management AI Framework by NIST

NIST (National Institute of Standards & Technology) has come up with an AI Framework – still a work in progress, but it is coming into shape with this 1.0 version.   There are many aspects to discuss, but the most important are… The Core of the framework:   “A Culture of Risk Management is cultivated and … Read more

GenAI and Cybersecurity

What does GenAi and Cybersecurity have in common? SCMagazine has the story: Gartner Security Summit: “3 takeaways” “Generative AI (GenAI) has emerged as a game-changer in the cybersecurity industry, offering both opportunities and risks. Jeremy D’Hoinne, a research vice president for security operations and infrastructure protection at Gartner, addressed this topic in his presentation the … Read more

What Are Some New Phishing Attacks?

Every day and month in this new year (2024) the hackers of the criminal kind are working on new attacks to steal/take our resources and money. At SecureWorld yesterday there was a presentation by the secret service of some new phishing and other attacks, including a review of the Snowflake attacks. Although he did not … Read more

3 WordPress Plugins Have Bugs & Cause Cyber Incidents?

Another Article (SCMagazine) with more bugs that can cause cybersecurity incidents – WordPress Plugins WPMeta SEO, WPStatistics, and LiteSpeed Cache. So as usual – if you have these plugins, check your WordPress installation for updates as soon as you can. Hopefully the plugins have been fixed and then one can update, but if not WordPress … Read more

BianLian is Changing Ransomware Group

BianLian is a Face Changing Chinese Opera, but it also appliess to a ransomware group that changes it’s attacks up a bit. Palo Alto Unit42 has a report: Unit 42 researchers have been tracking the BianLian ransomware group, which has been in the top 10 of the most active groups based on leak site data … Read more

You Moved Your Stuff to the “Cloud”, What Could Go Wrong?

ArsTechnica has the story: “Unprecedented” Google Cloud event wipes out customer account and its backups The $135 billion pension account UniSuper (in Australia) which has 647,000 members thought it was being brought ‘up-to-date’ by moving it’s IT systems to the Google Cloud. Unfortunately this interesting post by CEO of UniSuper and GoogleCloud Head  explains the … Read more

Need a remote work Programmer? Watch out for North Koreans looking for work

There is an indictment of a woman in Arizona (which made $6.8million) as a proxy between North Korean soldiers and unsuspecting numbers of people’s identities. From Justice.gov indictment form:   According to a May 2022 advisory by the Department of State, the Department of the Treasury, and the Federal Bureau of Investigation, North Korea has … Read more

Meaning of 49million Dell Information Hacked

  Yes Dell API(Application Programming Interface) was hacked to the tune of 49 million customer records. (BleepingComputer article) What does that mean? Fortunately the data did not have financial data, only the following: “This data breach contained customer order data, including warranty information, service tags, customer names, installed locations, customer numbers, and order numbers.” So … Read more

Xiaomi Devices Have Cybersecurity Event

What is a Xiaomi device? It is a mobile phone made in China of course. At iide.co (a Colombia website) A digital marketing course does a SWOT(Strength Weakness Opportunities Threats) analysis for Xiaomi: “Xiaomi stands as a global technology giant of immense stature, securing a noteworthy position as the fourth-largest player in the electronic manufacturing … Read more

May 1st – Happy New Month – Cybersecurity Important?

Yes it is May 1st  today – so I was wondering is Cybersecurity still a thing? Tip1 A good cybersecurity tip for May first is to update and strengthen your passwords. Regularly changing passwords and using strong, unique passwords for each account can significantly enhance your online security. Consider using a password manager to generate … Read more

51% of Survey Respondents Hacked- Means What?

A survey by  Pentera in a Hacker News Story says 51% of respondents said they were hacked. What does a statistic like that mean to you? Are you tired of seeing stats like that? Since you have not  been hacked yet, does it matter to you? Volkswagen breach is discussed in Cybernews story(went on for … Read more

Thousands WordPress Sites Hacked

BleepingComputer has the story WordPress sites have been hacked and then when you visit the site the following image comes and asks you to click a button which then leads you to enter information so the hacker can steal your crypto money. If you click on these buttons and then connect to your crypto wallets … Read more

My AI Chatbot Got Hacked Now What?

Horizon3 has a post discussing Nextchat open source chatbot… https://www.horizon3.ai/attack-research/attack-blogs/nextchat-an-ai-chatbot-that-lets-you-talk-to-anyone-you-want-to/ Here is an interesting sentence: “From our research, the most widely deployed standalone Gen AI chatbot is NextChat, a.k.a ChatGPT-Next-Web. This is a GitHub project with 63K+ stars and 52K+ forks. The Shodan query  title:NextChat,”ChatGPT Next Web” pulls up 7500+ exposed instances, mostly in China … Read more

Can We Stop Phishing Attacks?

Is there anything that we can do that will completely stop all phishing attacks? Short answer is no. We can reduce them by trying to get ourselves off different lists, but the hackers and nation-states are always changing their methods, and ultimately the “attacker”  whether it is a local script kiddie(new hacker learning stuff), a … Read more

Chinese Cyberattacks: What Are They in 2024?

Microsoft Typhoon story: “Living off the Land” The story starts: ‘The attack is carried out by Volt Typhoon, a state-sponsored actor based in China that typically focuses on espionage and information gathering’ The Chinese attacked and stole state department employee email, in this Politico story about the Chinese hack: “Among the most sensitive information stolen, … Read more

Will China Use Cyber Attacks in 2024?

Because it is an election year and because the sun is coming up over the horizon the latest FBI director is testifying in Washington to say China could (was and is) attack(ing) us using cyber. “FBI director Christopher Wray testifies on China’s growing cyber threat against U.S. — 1/31/24 (CNBC Youtube video)“ Christopher Wray, FBI … Read more

Another Phishing Attack Angle

  Hackers have found ways to add notification code behind the website code.  Thus if you say Allow in the notification window: then eventually a ‘bad’ notification comes up: Here is an example of ‘bad’ or hacker initiated notifications:   Here is where cybernews.com had the story and the investigation by cybernews showed the details … Read more

Hackers Using New Attack (Not Just Ransomware)

Here is the story from scmagazine: MOVEit hackers may have found simpler business model beyond ransomware “The Russian-speaking hacker group Cl0p confirmed it exploited a zero-day vulnerability in the popular MOVEit file transfer program and stole data from a growing number of victims, exposing the personal information of many millions of people worldwide.”   What … Read more

Windows11 — Upgrade Soon?

Windows10 arrived not that long ago… According to Microsoft’s site learn.microsoft.com 1507 was the first version and it had an initial release at 2015-07-29 so about 8 years ago it was released, and now the last version  22H2 will have a last service date of  2025, Oct 14th 22H2 General Availability Channel 2022-10-18 2023-05-23 19045.3031 … Read more

Has ChatGPT Already Crossed the Red Line?

OpenAI has breathlessly released the latest version (4.0) a few days ago.  This version has plugins which will allow the program to connect with other programs to sort or otherwise use the other programs as per analyticsindiamag.com  Including Expedia, Wolfram, Zapier, Speak, Fiscal Note, kayak, Instacart, Opentable, Klarna Shopping, Shop, Milo family AI, Retrieval, and … Read more

During War are we getting Attacked More?

I am talking about the Russian war against Ukraine which started on Feb 2022. Do you have 80 computes, more than a dozen? Then it should be obvious that they all need to be standardized and if standardized and wrong they will all get hacked. So paying attention to details in your environment pays dividends. … Read more

Hacked? Got insurance? No Payout!!

SCMagazine story on January 3rd. makes you think about the efficacy of cyber insurance. The problem is the government fines and some of the details in the contract language: “The attorneys general of Utah and Oregon reached a $200,000 settlement with Avalon Health, which also requires the provider to develop and implement practices that aim … Read more

2022 What Did we Learn in Cybersecurity?

49 posts on this blogsite oversitesentry in 2022 There were many different posts  I chose 4 to highlight in early ’22: What does Segmentation DonaldTrump Malware post Jan 25,22 Hackers are Ruthless: Attack Red Cross/ Red Crescent  500k stolen China Attacking News sites now & CISA agency declares patch APC UPS(Power Supplies) 3 Critical vulnerabilities. … Read more

Password Managers Hacked: Passwordstate and Lastpass

Passwordstate security failure was worse than Lastpass – but any entity can be hacked or have a cybersecurity failure. Looking into the specifics Passwordstate issue is discussed in portswigger website.   “Passwordstate was subject to scrutiny by Swiss security consultancy modzero AG following a customer request to check the password manager’s security. Modzero researchers Constantin … Read more

Less Than 100 Employees: 3x More Likely Target

At Technewsworld the following quote is interesting: “Attackers do not just target large enterprises. Recent reporting shows companies with less than 100 employees are three times more likely to be the target of a cyberattack — yet, often lack sufficient cybersecurity measures and resources to manage their risk,” said Shena Seneca Tharnish, VP for cybersecurity … Read more

Every month New Vulnerabilities and Patches/Fixes

A new Vulnerability which was a “Zero Day” vulnerability in a Windows Tool called MSDT (Microsoft Support Diagnostic Tool)  according to Technewsworld.com story You can see the tool here in the following image: (after typing msdt in the  Run or task search bar for Windows`10 operating system.)   As I have discussed before – in … Read more