TekSec https://teksecurityblog.com My Scribbles on security and whatever strikes my fancy . . . Thu, 11 May 2017 02:19:40 +0000

Hacked medical devices gaining traction https://teksecurityblog.com/hacked-medical-devices-gaining-traction/ https://teksecurityblog.com/hacked-medical-devices-gaining-traction/#respond Thu, 22 Dec 2016 21:13:42 +0000 https://teksecurityblog.com/?p=7212 No manufacturer, hospital, medical facility or consumer wants to experience the nightmare of hacked medical devices. If we don’t beef up the security game soon—the bad guys will be snacking on Kobe Filet while the rest of us choke down skirt steak. This year, Johnson & Johnson became the first medical device manufacturer to warn […]

The post Hacked medical devices gaining traction appeared first on TekSec.

Online Travel Agency Deals: Due Diligence and Dive https://teksecurityblog.com/online-travel-agency-deals-due-diligence-and-dive/ https://teksecurityblog.com/online-travel-agency-deals-due-diligence-and-dive/#respond Wed, 21 Dec 2016 18:31:43 +0000 https://teksecurityblog.com/?p=7205 On your next Google search for “best airline ticket prices” you may want to think twice before clicking on any link to an online travel agency that promises discount travel vouchers, cheap airline tickets or free airfare. Most of the time it really is too good to be true and you would be better off […]

Ransoc, simplified ransomware https://teksecurityblog.com/ransoc-simplified-ransomware/ https://teksecurityblog.com/ransoc-simplified-ransomware/#respond Wed, 16 Nov 2016 21:44:44 +0000 https://teksecurityblog.com/?p=7185 Proofpoint recently discovered a new ransomware variant dubbed Ransoc, that is distributed through malvertising campaigns on adult web sites. If you do not go to adult sites, you should be safe from this threat. If you do go to adult websites and manage to have a meetup with this new variant, and you are comfortable […]

Affiliate interlopers abundant on LinkedIn https://teksecurityblog.com/affiliate-interlopers-abundant-on-linkedin/ https://teksecurityblog.com/affiliate-interlopers-abundant-on-linkedin/#respond Thu, 13 Oct 2016 05:04:50 +0000 https://teksecurityblog.com/?p=7142 The past few months I’ve racked up quite a few “I’d like to join your LinkedIn network” invites and I can assure you that I am extremely hesitant when these invitations arrive. Many newly created LinkedIn affiliate interlopers have zero to two first degree connections (in contrast to my connections.) Though I am suspicious by nature […]

Best VPN Reviews 2016 https://teksecurityblog.com/best-vpn-reviews-2016/ https://teksecurityblog.com/best-vpn-reviews-2016/#respond Fri, 07 Oct 2016 17:25:54 +0000 https://teksecurityblog.com/?p=7134 Using public wifi without a VPN (virtual private network)? If you are not using one—you should be. Perhaps Kashmir Hill says it best: . . .a VPN is like a condom for Internet use. When you use a VPN, it creates a private encrypted tunnel that your Internet requests are sent through, re-routing your activity through […]

Hey Candidate Clowns, Giddy up and Get Out https://teksecurityblog.com/hey-candidate-clowns-giddy-up-and-get-out/ https://teksecurityblog.com/hey-candidate-clowns-giddy-up-and-get-out/#respond Tue, 20 Sep 2016 07:23:23 +0000 https://teksecurityblog.com/?p=7063 I’ve been spending a great deal of time thinking about our government, Snowden revelations, mass surveillance, data breaches and the like. During the interim—I also burned through two startups. It has not been an easy road on a financial basis—if anything, it has taught me to question what is happening in the world around me. […]

Insidious Twitter Botnet is Streaming in Stealth Mode https://teksecurityblog.com/twitter-botnet/ https://teksecurityblog.com/twitter-botnet/#respond Fri, 24 Jun 2016 10:01:53 +0000 https://teksecurityblog.com/?p=6082 Recently, I became aware of a prodigious stealth-mode Twitter botnet that contains upwards of 3 million user accounts, alongside two other botnets that total 100,000 bots. Kudos goes to SadBotTrue security researchers who first disclosed botnet findings at their blog earlier this week. Stealth Twitter botnet According to SadBotTrue, this particular botnet is the most […]

IoT cam spy needs a bottom-up revolution https://teksecurityblog.com/cam-spy/ https://teksecurityblog.com/cam-spy/#respond Wed, 22 Jun 2016 23:01:58 +0000 https://teksecurityblog.com/?p=6032 I cam spy on you—from weaknesses in camera firmware to creepy messages delivered through baby surveillance systems—the Internet of Things (IoT) continues to present countless challenges as it hovers above the crossroad of security and privacy. Recently I discovered Reddit poster Jenn & Tonic (J&T). Having initially purchased and returned a Netgear Arlo surveillance cam, J&T […]

Sphinx: New Zeus Variant for Sale on the Black Market https://teksecurityblog.com/sphinx-new-zeus-variant-for-sale-on-the-black-market/ https://teksecurityblog.com/sphinx-new-zeus-variant-for-sale-on-the-black-market/#respond Tue, 03 May 2016 20:38:50 +0000 https://teksecurityblog.com/?p=5795 Republished from the now defunct Norse Corporation blog: May 2015. The 0Day marketplace was a busy beaver this weekend. I’ve been waiting and watching Sphinx for the past 10 days to see if the 0Day admin would verify this new threat: New Zeus Variant On Sunday evening, Sphinx, a new variant of the Zeus banking trojan was admin-verified. Sphinx […]

Down the Darknet Rabbit Hole Again https://teksecurityblog.com/down-the-darknet-rabbit-hole-again-2/ https://teksecurityblog.com/down-the-darknet-rabbit-hole-again-2/#respond Sun, 01 May 2016 03:00:19 +0000 https://teksecurityblog.com/?p=5790 Author note: This originally appeared at the defunct Norse Darkmatters blog during the summer of 2015: Exploring the Dark Recesses of the Deepweb (with minor edits). . . . Darknet Rabbit Hole I’ve been back down the rabbit hole, into the Darknet again and it’s been a hell of a hostile and discordant excursion this […]

Exploring the Dark Recesses of the Deepweb https://teksecurityblog.com/exploring-the-dark-recesses-of-the-deepweb/ https://teksecurityblog.com/exploring-the-dark-recesses-of-the-deepweb/#respond Sun, 01 May 2016 02:19:30 +0000 https://teksecurityblog.com/?p=5785 Author note: This originally appeared at the defunct Norse Darkmatters blog during the summer of 2015: Exploring the Dark Recesses of the Deepweb (with minor edits). . . . Deepweb, Darknet, Darkweb – It’s Deep… This is my ongoing saga (down the Deepweb rabbit hole) as I journey into the depths of the shadowy underbelly […]

Darknet Underground Meanderings https://teksecurityblog.com/darknet-underground-meanderings/ https://teksecurityblog.com/darknet-underground-meanderings/#respond Sun, 01 May 2016 01:50:51 +0000 https://teksecurityblog.com/?p=5780 Author note: This originally appeared at the defunct Norse Darkmatters blog during the summer of 2015: Meandering Through the Darknet Underground (with minor edits). . . . Darknet Underground I’ve been meandering through the Darknet underground again, mainly peeking into hidden forums, marketplaces, the onion-pastebin, and the Evil search engine. Along the way, I’ve managed to […]

6 motivations of cybercriminals–Is it all about the money? https://teksecurityblog.com/6-motivations-cybercriminals-money/ https://teksecurityblog.com/6-motivations-cybercriminals-money/#respond Sun, 27 Mar 2016 19:11:47 +0000 https://teksecurityblog.com/?p=5982 Performing a Google search (for the past year) using the terms: “cybercrime” AND “hackers” produced over 5 million results. While scanning through search results, headline eye candy produced: Hackers are draining bank accounts via . . . Hackers Trick Email Systems Into Wiring Them Large Sums … Hackers siphon $47 million out of tech company’s […]

How to derail a Business Gmail Spam bomb https://teksecurityblog.com/how-to-derail-a-business-gmail-spam-bomb/ https://teksecurityblog.com/how-to-derail-a-business-gmail-spam-bomb/#respond Fri, 12 Feb 2016 06:31:43 +0000 https://teksecurityblog.com/?p=5922 Last Friday morning an East Coast client (ECC) woke up to find her Gmail business account pummeled with more than 40,000 spam emails—with approximately 150-250 emails bypassing Google’s spam filters to cut up her inbox—this ongoing spam deluge was no laughing matter. With business email delayed and spam consistently pouring in—ECC’s ability to conduct business on Friday […]

You’ve been hacked —what should you do next? https://teksecurityblog.com/youve-been-hacked-what-should-you-do-next/ https://teksecurityblog.com/youve-been-hacked-what-should-you-do-next/#respond Mon, 08 Feb 2016 15:15:23 +0000 https://teksecurityblog.com/?p=5869 I’ve been hacked a few times, and it is a terrifying position to be in. The last time I recall a major hack was back in 2011 gratis a Malaysian hacktivist. It is unclear how the attacker procured the password to an old Gmail account — that I rarely used — but it was most […]

Ransomware: How being prepared and proactive foils the plot https://teksecurityblog.com/save-the-ransom-how-being-prepared-and-proactive-foils-the-plot/ https://teksecurityblog.com/save-the-ransom-how-being-prepared-and-proactive-foils-the-plot/#respond Mon, 25 Jan 2016 16:55:52 +0000 https://teksecurityblog.com/?p=5871 Since the advent of CryptoLocker in 2013, file-encrypting ransomware has become a scourge on the cyberthreat landscape. Whether it is delivered via an email/phishing/spam campaign, a drive-by download, malvertising or a browser exploit kit. Those who are unprepared for this type of attack often pay the ransom or lose all their files. While those who […]

Young Darknet wannabe hackers — listen up! https://teksecurityblog.com/young-darknet-wannabe-hackers-listen-up/ https://teksecurityblog.com/young-darknet-wannabe-hackers-listen-up/#respond Thu, 14 Jan 2016 03:14:20 +0000 https://teksecurityblog.com/?p=5811 On Sunday, Onur Kopçak, a 26-year-old Turkish hacker was sentenced to 135 years for stealing 11 people’s credit card information and selling it to other cybercriminals. With the additional sentencing of 199 years from a 2013 conviction that includes access device fraud, identity fraud, website forgery and wire fraud—this young hacker has a sentence of 334 […]

The top 5 IT security threats for 2016 https://teksecurityblog.com/the-top-5-it-security-threats-for-2016/ https://teksecurityblog.com/the-top-5-it-security-threats-for-2016/#respond Wed, 06 Jan 2016 16:14:48 +0000 https://teksecurityblog.com/?p=5740 IT security threats for 2016 will be amplifying many of the cyberthreats that we have seen prevail throughout the year, while adding more emphasis to stealth threats. Ransomware will become hotter with threat actors and kiddie scripters alike, taking full advantage of streamlined and automated ransomware that promise lucrative financial gain. It will be a […]

Living off the land: A security threat to your data https://teksecurityblog.com/living-off-the-land-a-security-threat-to-your-data/ https://teksecurityblog.com/living-off-the-land-a-security-threat-to-your-data/#respond Tue, 08 Dec 2015 21:36:33 +0000 https://teksecurityblog.com/?p=5729 Early in September, Dell SecureWorks Counter Threat Unit™ Special Operations (CTU-SO) issued an alert about how threat actors are using sophisticated attacks via implementing a company’s own tools to compromise and steal data. This particular alert piqued my curiosity. CTU-SO further elaborated that in the past year “the threat actors accessed the target environment using compromised credentials […]

Security: 11 tips to protect your data while shopping https://teksecurityblog.com/security-11-tips-to-protect-your-data-while-shopping/ https://teksecurityblog.com/security-11-tips-to-protect-your-data-while-shopping/#respond Tue, 08 Dec 2015 21:09:53 +0000 https://teksecurityblog.com/?p=5725 The shopping season is about to erupt in full swing beginning on Black Friday. Many retailers are even extending their Cyber Monday sales to be cyber week sales. This is the time when consumers should be taking additional precautions to protect personal data on their devices. 2015 has been the year of the data breach, and […]

The Darknet Hell Forum Timeline Revisited https://teksecurityblog.com/the-darknet-hell-forum-timeline-revisited/ https://teksecurityblog.com/the-darknet-hell-forum-timeline-revisited/#respond Tue, 03 Nov 2015 04:15:24 +0000 https://teksecurityblog.com/?p=5706 Back in April of this year I wrote about the AdultFriendFinder data breach: Hacked! How safe is your data on Adult Sites? I did not mention the name of the hacked site because I was worried that I could potentially face legal repercussions. So, I sat on a leaked database of almost 3.9 million unique email […]

Secure remote employee’s SOHO routers & eliminate backdoors into your network https://teksecurityblog.com/secure-remote-employees-soho-routers-eliminate-backdoors-into-your-network/ https://teksecurityblog.com/secure-remote-employees-soho-routers-eliminate-backdoors-into-your-network/#respond Fri, 30 Oct 2015 05:00:58 +0000 https://teksecurityblog.com/?p=5699 With increasing commute times and technological advances, remote employees who work from home have become a reality. Even if a company has provided the employee with hardware, security software, a VPN connection, encryption, and security training — securing the Small Office/Home Office (SOHO) router is often overlooked and underestimated. Because I was an IT security […]

Cyberextortion ups the ante https://teksecurityblog.com/cyberextortion-ups-the-ante/ https://teksecurityblog.com/cyberextortion-ups-the-ante/#respond Sun, 27 Sep 2015 20:55:51 +0000 https://teksecurityblog.com/?p=5684 With everything that has been occurring upon the treacherous terrain of the cyberthreat landscape this year – we have not arrived at the point of a digital Pearl Harbor yet. TechTarget defines cyberextortion as “a crime involving an attack or threat of attack against an enterprise, coupled with a demand for money to avert or […]

Healthcare sector is finding ways to minimize hackability https://teksecurityblog.com/healthcare-sector-is-finding-ways-to-minimize-hackability/ https://teksecurityblog.com/healthcare-sector-is-finding-ways-to-minimize-hackability/#respond Thu, 27 Aug 2015 16:42:31 +0000 https://teksecurityblog.com/?p=5617 Did you know that the healthcare industry is a far easier target for hackers to invade than banking or retail is? With more entry points into healthcare systems — cybercriminals can attack medical devices such as CT and PET scanners, MRI machines, and PACS via MEDJACK (medical device hijack) and infect them with malware — thus creating backdoors into […]

That Ashley Madison “Thing” https://teksecurityblog.com/that-ashley-madison-thing/ https://teksecurityblog.com/that-ashley-madison-thing/#respond Tue, 25 Aug 2015 08:44:54 +0000 https://teksecurityblog.com/?p=5648 I made it through the AdultFriendFinder’s (AFF) craze, barely… I am not the type of person that likes a lot of media attention. I tend to find my comfort zone in the area of research and writing. Though I can do any company or brand justice in the realm of social media— by nature, I am […]

Healthcare hackers & their dirty little secrets https://teksecurityblog.com/healthcare-hackers-their-dirty-little-secrets/ https://teksecurityblog.com/healthcare-hackers-their-dirty-little-secrets/#respond Wed, 19 Aug 2015 16:05:00 +0000 https://teksecurityblog.com/?p=5582 In the world of cybersecurity, the healthcare industry is under siege. A Google search for “healthcare breach” now yields about 28,000,000 results, where a Google news search returns 100,000 news articles. Stolen healthcare insurance credentials are like a significant other to a hacker and may reveal things we would prefer to keep private and hidden. In 2015, […]

The Deep Web: Darknets Evo Marketplace https://teksecurityblog.com/darknets-evo-marketplace/ https://teksecurityblog.com/darknets-evo-marketplace/#respond Sat, 08 Aug 2015 17:45:55 +0000 https://teksecurityblog.com/?p=4732 I recently took a nice little swoop into the rabbit hole of the deep web to explore Darknets. Though I’ve been down there numerous times over the years, I have to admit that each new excursion always feels like a redux of a childhood Christmas Eve. Spinning back in time — I was that […]

Travel: Using Wi-Fi in-flight? https://teksecurityblog.com/travel-using-wi-fi-in-flight/ https://teksecurityblog.com/travel-using-wi-fi-in-flight/#respond Sat, 25 Jul 2015 03:13:39 +0000 https://teksecurityblog.com/?p=5534 When you are 30,000 feet in the air and your flight offers Wi-Fi, are you really thinking about hacker Jon who is sitting in seat 44C? Probably not. Most people do not even consider that in-flight Wi-Fi is just like public Wi-Fi at a coffee shop. When you purchase time on an in-flight wireless network, […]
