InfoSec and Compliance – With 20 years of blogging experience, DISC InfoSec blog is dedicated to providing trusted insights and practical solutions for professionals and organizations navigating the evolving cybersecurity landscape. From cutting-edge threats to compliance strategies, this blog is your reliable resource for staying informed and secure. Dive into the content, connect with the community, and elevate your InfoSec expertise!
Feb 21 2019
Digital Shadows’ Photon Research Team has found that cybercriminals have diversified their extortion methods, and the threat landscape is as wide and varied as it’s ever been.
Source: A Tale of Epic Extortions – How Cybercriminals Monetize Our Online Exposure
Feb 20 2019
The U.S. government — along with a number of leading security companies — recently warned about a series of highly complex and widespread attacks that allowed suspected Iranian hackers to siphon huge volumes of email passwords and other sensitive data from multiple governments and private companies. But to date, the specifics of exactly how that attack went down and who was hit have remained shrouded in secrecy.
Feb 20 2019
Phishers have come up with another trick to make Office documents carrying malicious links undetectable by many e-mail security services.
Source: Phishers’ new trick for bypassing email URL filters – Help Net Security
Feb 19 2019
It’s tax season, and with it comes Tax Scams. Stay Cyber Aware and Cyber Safe.
“Thousands of people have lost millions of dollars and their personal information to tax scams. Scammers use the regular mail, telephone, or email to set up individuals, businesses, payroll and tax professionals.
The IRS doesn’t initiate contact with taxpayers by email, text messages or social media channels to request personal or financial information. Recognize the telltale signs of a scam.” See also: How to know it’s really the IRS calling or knocking on your door
[pdf-embedder url=”https://blog.deurainfosec.com/wp-content/uploads/2019/02/TaxScam-1.pdf” title=”TaxScam”]
Feb 19 2019
The World Wide Web turns 30 this year, and to celebrate three decades of utter chaos and brilliance, CERN developers and designers have created a version of the original WorldWideWeb browser that can run inside a modern browser. What, you wonder, is it like to surf the original web? Well, give it a try here. It’s kind of a pain!
Source: Travel Back to 1990 With the Original World Wide Web Browser
Feb 18 2019
Microsoft announced on its support website that future Windows 7 and Windows Server 2008 updates will require SHA-2 code signing support to be installed starting with July 16, 2019.
Source: Windows 7 and Server 2008 Updates to Require SHA-2 Support Starting July
Feb 17 2019
A researcher has discovered a serious vulnerability in Xiaomi electric scooters. Exploiting the flaw could allow remote attacks on it causing sudden breaks.
Source: Vulnerability In Xiaomi Electric Scooters Could Allow Remote Attacks
↑ Grab this Headline Animator
Feb 15 2019
Protecting your online privacy is important. There has been a lot of discussion in recent years about how to stay safe online, and an increasing number of people are turning to Virtual Private Netw…
Source: 3 data leaks that could be undermining your online privacy
DISC InfoSec 🔒 securing the business 🔒Â Data Security
Feb 14 2019
A new Emotet Trojan variant has been observed in the wild with the added ability to hide from anti-malware software by embedding malicious macros used to drop the main payload inside XML files disguised as Word documents.
Source: Emotet Uses Camouflaged Malicious Macros to Avoid Antivirus Detection
Feb 12 2019
DDoS attacks may not be the quickest route to profitability for bad actors, but given the importance of this attack technique to nation-state cyberwar adversaries, we can expect continued innovation on the part of the hackers. Enterprises cannot afford to relax their efforts to combat such attacks.
Source: Are Hackers Winning The Denial Of Service Wars?
Feb 11 2019
Dubsmash, Armor Games, 500px, Whitepages, ShareThis, and more said to be up for grabs for $$$s in BTC
↑ Grab this Headline Animator
Feb 05 2019
Combine with the ISO 9001:2015 QMS Documentation Toolkit and/or the ISO 14001:2015 EMS Documentation Toolkit to create an ISO 27001- compliant integrated management system (IMS).
↑ Grab this Headline Animator
Feb 04 2019
SpeakUp backdoor trojan can run on six different Linux distributions, and even on macOS.
Source: Security researchers discover new Linux backdoor named SpeakUp | ZDNet
↑ Grab this Headline Animator
Feb 04 2019
Metro Bank has become the first major bank to disclose SS7 attacks against its customers, but experts believe it isn’t an isolated case.
Source: Metro Bank is the first bank that disclosed SS7 attacks
Feb 03 2019
Personal data is a precious commodity but sometimes we can share too much? Rob thinks we need to develop our human firewall in an age where some much of our lives is online. Rob May is chairman of IoD Surrey, an award-winning entrepreneur and Managing Director of ramsac limited.
Rob makes complex subjects straightforward by using real life examples, humor and pragmatism. He is passionate about his work, positive about life and committed to helping people understand and grow.
He lives with his wife and children in Horsell and is very much a part of the local community. This talk was given at a TEDx event using the TED conference format but independently organized by a local community.
Feb 03 2019
Bolt is in beta phase of development which means there can be bugs. Any production use of this tool discouraged. Bolt crawls the target website
Source: Bolt : Cross-Site Request Forgery Scanner Tool 2019
Feb 02 2019
If you are using a laptop, chances are you have a…
Source: Check now to see if your webcam is being hacked
Feb 01 2019
Motherboard has identified a specific UK bank that has fallen victim to so-called SS7 attacks, and sources say the issue is wider than previously reported.
Source: Criminals Are Tapping into the Phone Network Backbone to Empty Bank Accounts
Jan 31 2019
Thought Collection #1 was big? Collection #2-5 just dwarfed it
Source: The biggest ever data dump just hit a colossal 2.2 billion accounts
Jan 30 2019
Remotely Spying via #FaceTime.
FaceTime any iOS 12.1 or later and you can remotely spy on them (audio and video) before they accept incoming call.
