I always get asked this question: “Is it safe to use a password manager?”

The short answer is: it depends.

Some of the reasons to start using a password manager are listed below:

  • We have too many accounts on the internet, and keeping track of them becomes difficult.
  • Having many accounts brings the
  • If the same password is used across all sites, then you are exposing yourself to password spray attacks.
  • Your passwords cannot have a pattern, because once someone finds it out they can use it to guess your other passwords. For instance, if your password pattern is sitename.somechars, …


Intro

Before the internet, applications and data were stored in private data centers and access was very tightly controlled. Only people on office premises could get access to the data, from company-issued devices (desktops, laptops, dumb terminals). Access to office premises and data centers was controlled via access cards, keys, security guards, etc. Communications between organizations were via private lines and the controls were similar across organizations.

What we have to remember is that at all times our goal is to protect the information; it is derived from data, and data is stored in data centers. Computers are stored in data…


Introduction

The US Departments of Commerce and Treasury were victims of the same threat vector that was exploited at FireEye. As organizations that have SolarWinds Orion installed conduct forensics on their environments, we will see the impacts of this backdoor. Brian Krebs has posted a list of organizations that were using Orion in his blog post “U.S. Treasury, Commerce Depts. Hacked Through SolarWinds Compromise”.

SolarWinds recently filed an SEC report indicating that, while they have over 300,000 customers, fewer than 18,000 customers were running the trojanized version of the Orion software.

My post, “Asset Management! Why is it Important in Cyber Security?”, highlights…


Cyber Security 101: Do you have an inventory of all the computers, printers, scanners, other devices, and applications you have?

Do you know what is connected to your network, and which applications you and/or your organization are using?

Why is this important?

The majority of cybersecurity breaches are a result of an unpatched vulnerability in a device connected to your network. These can be, to name a few, an operating system, application, database, WiFi access point, multifunction printer, switch, router, firewall, wireless speaker, or home/office automation devices like security systems, thermostats, bulbs, light switches, etc.

What is a patch?

Patches are software fixes introduced by vendors to address issues identified in their product(s). In the cybersecurity world, these issues are called vulnerabilities. This particular issue is causing the product…


Introduction

On 8th December 2020, FireEye disclosed that they had been hacked, that the hackers got away with their red teaming tools, and that they have no idea who was behind this attack.

When all efforts to identify the probable attacker fail, it easily becomes an act perpetrated by “state-backed hackers.”

In his blog post, FireEye CEO Kevin Mandia says:

“Based on my 25 years in cybersecurity and responding to incidents, I’ve concluded we are witnessing an attack by a nation with top-tier offensive capabilities. This attack is different from the tens of thousands of incidents we have responded to throughout…


OneNote to Markdown

Problem

I have been using Microsoft OneNote for 10+ years, and hence have a lot of notes in it. Finding notes in OneNote is becoming difficult now, and there is no way to establish links between notes. I have started a journey towards adopting Personal Knowledge Management and Second Brain principles. After researching options that suited my journey, I have selected Obsidian as my tool of choice. Obsidian allows hashtagging and the ability to link notes very easily, resulting in information being at your fingertips when you need it. …


Image by https://bleepingcomputer.com

Active Threats

  • “Payment card data from customers of Greenworks hardware tools website is currently being stolen by hackers via a malicious script with self-cloaking capabilities and anti-tampering protection. Greenworks distributes home and garden battery-powered tools for DIY consumers. Its business started in 2007 and grew to expand in North America and Europe.” https://www.bleepingcomputer.com/news/security/self-destructing-skimmer-steals-credit-cards-of-greenworks-customers/
  • “The Japanese carmaker Honda announced that threat actors have compromised the Honda network disrupting its business in several countries. Source informed about the security incident believe Honda’s systems have been infected with SNAKE Ransomware. BleepingComputer reported that a security researcher named Milkream has found a sample of the SNAKE…


Image by https://threatpost.com

Active Threats

  • “In a new report shared with The Hacker News, cybersecurity firm RiskIQ said it identified three compromised websites belonging to Endeavor Business Media last month that are still hosting JavaScript skimming code — a classic tactic embraced by Magecart, a consortium of different hacker groups who target online shopping cart systems.” https://thehackernews.com/2020/06/magecart-skimmer-amazon.html
  • “Scammers have hijacked three YouTube channels to display bitcoin scams impersonating Elon Musk’s SpaceX channel. So far, these scams have raked in close to $150,000 in bitcoins in two days. For years, scammers have been impersonating Elon Musk and SpaceX to perform cryptocurrency giveaways and other scams promising…

Image by https://threatpost.com

Privacy

  • “Google is indexing the phone numbers of WhatsApp users that could be abused by threat actors for malicious activities. Even if Google Search only revealed the phone numbers and not the identities of associated users, ill-intentioned attackers could be able to see users’ profile pictures on WhatsApp and performing a reverse-image search the user’s profile picture to gather additional info on the potential victim (i.e. mining social media accounts where the victim use the same profile picture).” https://securityaffairs.co/wordpress/104445/digital-id/google-indexed-whatsapp-numbers.html
  • “Singapore’s announcement that it is developing a wearable for contact tracing has caused citizens to voice concern for the technology’s impact on…

Image by https://recordedfuture.com
  1. “Hangover Group is a cyberespionage group that was first observed in December 2013 carrying on a cyberattack against a telecom corporation in Norway. Cybersecurity firm Norman reported that the cyberattacks were emerging from India and the group sought and carried on attacks against targets of national interest, such as Pakistan and China. However, there have been indicators of Hangover activity in the U.S. and Europe. Mainly focusing on government, military, and civilian organizations. The Hangover Group’s initial vector of compromise is to carry out spear-phishing campaigns. The group uses local and topical news lures from the South Asia region to…
