Tag Archive for: boot

WCC Corner: How to stay cyber-safe — give malware the boot


Jessica Griffin

Wilson Community College, in partnership with Greenlight and Gig East, is hosting a free virtual event soon, and anyone is welcome to attend. In fact, this is the fourth time we’ve partnered with them to host an event of this nature. 

“Cyber Safe in the Gigabit City v4.0: Give Malware the Boot!” is set for Thursday, Oct. 6, from 10-11:30 a.m. You’ll get to hear from a panel of local business and industry experts on malware, its common infection paths, the types of information malware can steal from a compromised system and how to defend against malware.

“There are very few aspects of our lives now that do not have some type of fingerprint online. It’s more important than ever for people to be aware of ways to protect themselves from cybercriminal activity. This annual event gives our community the opportunity to hear from the best of the best on how to do just that,” said Wes Hill, dean of continuing education at WCC.

WCC’s information technology instructor, Kendra Faulkner, said, “We are so excited to continue this event for a fourth year, and even better, hear about cybersecurity from a military perspective.” 

This year’s keynote speaker is Alex Reinwald, cyber-threat intelligence division chief for the North Carolina National Guard’s Cyber Security Response Force. His previous duty assignments include Japan, South Korea, Arizona and Alaska. He holds a bachelor’s degree in geography from the University of Alabama and a master’s in geographic information science and technology from North Carolina State University. 

He has twice led the fusion and intelligence cell for the largest unclassified cyber incident response exercise in the United States. He currently holds GIAC certified incident handler, GIAC penetration tester, GIAC cyber threat intelligence and GIAC information security professional SANS certifications.

Our panelists include Fred White, network technician for the city of Wilson/Greenlight Community Broadband; Joseph Vellucci, technician/project manager for Computer Central; Nona Young, network security specialist for the N.C. Department of Information Technology; and Susan Weekley, IT…

Source…

Update on RedCurl. TA406’s high 2021 optempo. Ephemeral payloads in a spearphishing campaign. Code-signing boot camp.


Attacks, Threats, and Vulnerabilities

Seeing Red (DomainTools) The DomainTools Research team came across a batch of malicious-looking PDFs that stretched back to July 30, 2021. While containing no malicious content, they did link to dozens of short-lived Glitch apps hosting a SharePoint phishing page containing obfuscated JavaScript designed to harvest credentials.

Chinese Cyberespionage Bootcamps Training Recruits in the Art of Supply Chain Attacks for Over a Decade (Yahoo Finance) New report from Venafi shows Chinese threat actors targeting code signing certificates for use in software supply chain attacks

APT41 Perfects Code Signing Abuse to Escalate Supply Chain Attacks (Venafi) Learn about the infamous APT41 group and why they are abusing code signing keys and certificates as powerful weapons to steal and exploit data. Find out which industries they are targeting, the anatomy of their attack and who’s really behind them.

Group-IB report: “RedCurl. The pentest you didn’t know about” (Group-IB) Research of the new espionage APT-group RedCurl and its elaborate attacks on enterprise companies in North America, Europe and CIS

RedCurl hacking group returns with new attacks (The Record by Recorded Future) Even after its operations were publicly exposed in August 2020, the RedCurl hacking group has continued to carry out new intrusions and has breached at least four companies this year, according to a new report from security firm Group-IB.

Hackers Targeting Myanmar Use Domain Fronting to Hide Malicious Activities (The Hacker News)

Previously unreported North Korean espionage part of busy 2021 for country’s hackers (CyberScoop) A North Korean cyber espionage group known primarily for targeting think tanks, advocacy groups, journalists and others related to Pyongyang’s adversaries around the world has been quite prolific in 2021, according to email security firm Proofpoint.

State-sponsored North Korean hackers responsible for blitz of attacks in 2021 (The Record by Recorded Future) Suspected government-backed hackers from North Korea launched…

Source…

Can social media companies boot Trump? Yes


WASHINGTON (AP) — Social media companies decided this past week they had finally seen enough from President Donald Trump.

Facebook and Instagram suspended Trump at least until Inauguration Day. Twitch and Snapchat also disabled Trump’s accounts. To top it all off, Twitter ended a nearly 12-year run and shuttered his account, severing an instant line of communication to his 89 million followers.

Conservatives are crying foul.

“Free Speech Is Under Attack! Censorship is happening like NEVER before! Don’t let them silence us. Sign up at http://DONJR.COM to stay connected!” his eldest son, Donald Trump Jr., tweeted Friday.

CAN TWITTER AND FACEBOOK LEGALLY TAKE SUCH ACTION?

The short answer is yes.

As the Congressional Research Service has explained in a report for federal lawmakers and their staffs, lawsuits predicated on a website’s decision to remove content largely fail. That’s because the free speech protections set out in the First Amendment generally apply only when a person is harmed by an action of the government.

“The First Amendment doesn’t apply to private sector organizations. That’s not how this works,” said Chris Krebs, when asked Sunday whether censorship by social media companies violated freedom of speech protections.

Krebs oversaw election cybersecurity efforts at the Department of Homeland Security until Trump fired him when he disputed election fraud claims. Speaking on CBS’s “Face the Nation” Sunday, he explained that companies enforce their own standards and policies for users.

That’s what happened at Twitter on Friday.

WHAT RATIONALE DID TWITTER TAKE FOR ITS ACTIONS?

The company said after reviewing Trump’s account in the context of the riot at the Capitol on Wednesday, it was concerned about two tweets he sent Friday that Twitter said could incite violence. They were:

— “The 75,000,000 great American Patriots who voted for me, AMERICA FIRST, and MAKE AMERICA GREAT AGAIN, will have a GIANT VOICE long into the future. They will not be disrespected or treated unfairly in any way, shape or form!!!”

— “To all of those who have asked, I will not be going to the Inauguration on January 20th.”

The first tweet, the company said, was…

Source…