IA Director and Homeland Security Secretary Hacked – No Malware Needed

October 19, 2015

The FBI and Secret Service are investigating reports that the private email accounts of CIA Director John Brennan and Homeland Security Secretary Jeh Johnson were “hacked.”

cnn reports

So, how did the hacker do it?  Hacking is malware, right? This case demonstrates that hacking is not malware.  Hacking is the theft of credentials.  Credentials can be stolen with malware. However, credentials can be stolen in other ways. This hacker is talking to the press. He told The New York Post that the way he stole the credentials was “social engineering.” Rather than attacking systems, social engineering manipulates people.

Learn more at our new blog.

Advertisements

Compromise Monday – Now What?

October 5, 2015

Last week saw an inauspicious beginning to Cybersecurity Awareness Month with user data compromises announced at:

  • The American Banker Association, number undisclosed
  • T-Mobile, 15 million, over 2 years ending Sept. 16, 2015
  • Scottrade, 4.6 million during late 2013 and early 2014
  • Patreon, the crowdsourcing website, 2.3 million users

scottrade

Now you are aware of Cybersecurity. What next?  You can’t fix your vendors. Learn more about protecting yourself at our new blog.