go to sections menu

What has been read, blogged, and talked about the last week, news ending October 9, 2020 from blog The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts

header picture for Ingegno theme

You are here: article commentary > What has been read, blogged, and talked about the last week, news ending October 9, 2020

Go to Homepage, contents or to navigation menu

What has been read, blogged, and talked about the last week, news ending October 9, 2020

Quite a bit has been blogged about and even read this week, so let’s get started.

Let’s get started with the News Notes for the week provided by Trend Micro.

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This
week, learn about how cybercriminals secure their assets and survive in the business in a new Trend Micro report. Also, read about a how cybercriminals
are tapping into Amazon’s Prime Day with phishing and malicious websites that are fraudulently using the Amazon brand.

Some of these items I may not have read as of press time, but they may interest you. I think the biggest thing if you read nothing else, is dealing with French companies being attacked by the infamous BEC or Business Email Compromise attack. Are you surprised that Prime Day on Amazon had more Phishing and fraud attacks?

For the full blog post,This Week in Security News: A Look Inside the Bulletproof Hosting Business and Amazon Prime Day Spurs Spike in Phishing, Fraud Attacks

I’ve been pondering this since I read this on the 5th, and I mize well post about it even though it is near the end of the month. We’ve talked on the technology blog and podcast about this Trick Bot, and boy does it have new tricks and it has had new tricks for quite awhile. In this blog post from Krebs on Security, we learn that it had at least at that time, the luxury of being hobbled.

At the time of the article’s writing, Krebs on Security wrote:

Over the past 10 days, someone has been launching a series of coordinated attacks designed to disrupt Trickbot, an enormous collection of more than two
million malware-infected Windows PCs that are constantly being harvested for financial data and are often used as the entry point for deploying ransomware
within compromised organizations.

I wonder how successful this has been? I wonder if we are getting closer to finding out who is responsible for this bot and can bring them to justice? Attacks Aimed at Disrupting the Trickbot Botnet is the article.

Back near the end of September, and on the first podcast of October, I mentioned briefly a new multi-staged attack going on. While it is almost a month since I’ve read this, I know that this really should be braught out.

Royal Ripper’s attack begins with a lure that impersonates either a government agency, telecommunications company, or online payments service via text.
In the example below, the initial SMS lure poses as a tax return notice from HM Revenue and Customs.

There are images with this one, and as with all Phishlabs stuff, they really do a great job. https://info.phishlabs.com/blog/royal-ripper-multi-stage-phishing-attack-adapts-to-victim-input is the article and one I’d recommend you look at.

In a recent post, I blogged about an article where video game hackers were taken down. Its about time we get some good news for a change, and I know we can use it after the long year of nothing but bad news. Video Game Havkers getting picked up is the article although it should say hackers. Its all good.

NCSAM is not even close to being done. I penned an article talking about passwords recently. It also linked to an article from Lastpass where passwordless authentication is talked about. Its hard to implement, but the majority would love to see this come in to practice. Let’s talk a little bit about passwords is the blog post where I talk about passwords, the linked article and my thoughts.

In the ongoing Saga of John Bernard, I pen a blog post asking if he’s done for now. In the next installment, we learn what he’s really like, although a company hopes he’ll come through on his promise even if his web site is closed. Is John Bernard done for? I hope this is the end links to the next article in this series. You be the judge!

There are two articles from the beginning of October that I don’t know were mentioned in news notes, and they’re worth it. Phishing won’t stop, just because of the election talks about the election and mentions an article that talks about phishing in this landscape. This is definitely of interest because voting must be done by mail this year. The second is the title piece What’s going on with the Phishing Landscape? Plenty, and it isn’t looking good where we talk about the Phishlabs article from APWG where they are a member. I highly recomend this article, it could be my best work yet in this space for this blog.

Is there anything else that you have found that I may have missed? Get it over to me by email/imessage/text/whatsapp. All info is available through listening to the podcast or looking about the blog pages for it. Thanks so much for reading, and make it a great day!

Informazioni sull'articolo

What has been read, blogged, and talked about the last week, news ending October 9, 2020 was released on October 9, 2020 at 1:00 pm by tech in article commentary.
Last modified: October 9, 2020.

Comments (0)

No comments yet.

Leave a comment

You must be logged in to post a comment.

go to sections menu

navigation menu

go to sections menu