Dell recently had a snafu in its domain registration and was the victim of one of the oldest internet “hustles”.  Cybersquatting and domain drop catching (aka Domain sniping).

Around June to early July 2017, DellBackupandRecoveryCloudStorage.com domain was the property of a German company named TeamInternet.com.  Apparently, they specialize in selling what appears to be typosquatting traffic.  In other words, they are “dirty spammers and linkjackers“.  Think as in terms of typing in Goggle.com instead of Google.com.

According to Dell no information or backups look to have been lost or compromised due to the domain loss.

Below is a link to a great article about it from KrebsOnSecurity.

#Dell #Security #Cybersquatting #DomainSniping

https://krebsonsecurity.com/2017/10/dell-lost-control-of-key-customer-support-domain-for-a-month-in-2017/

 

Amazon is seemingly dipping its toes into the security market with this new Alexa enabled camera. Also if you buy the in home delivery bundle it’s $100 cheaper.

Yes I said in home.

This bundle includes a smart lock that allows Amazon deliveries to open your door and place your package inside.

All the security implications aside this is an interesting twist to an offering. IoT has changed the game.

#security #IoT #Amazon

https://www.theverge.com/circuitbreaker/2017/10/25/16535002/amazon-cloud-cam-camera-alexa-key-in-home-delivery

A serious vulnerability has been found in wireless encryption. The good news is the attacker has to be local to the network being attacked. That is if you can call this good news. Major vendors are already producing patches and end users should update their devices as soon as possible. And as always contact your IT professional for advice.

http://www.appy-geek.com/Web/ArticleWeb.aspx?regionid=1&articleid=118041131&source=wordpress

With all the massive issues of data breaches and companies playing fast and loose with our personal data it have fallen to the consumer once again to was the out for themselves. I personally have no more use for my now 3rd “free for one year” credit monitoring (eye roll) . A one year credit monitoring service has become the normal give for them screwing up but we all know that isn’t nearly enough.

So as one more check you can go to haveibeenpwned.com and check your email addresses to see if they are on some know hacked and spam lists. It won’t stop the bad guys but at least you have one more tool in the tool box for slowing them down.

https://www.haveibeenpwned.com

http://www.iflscience.com/technology/if-your-email-address-is-on-this-list-change-your-password-right-now/

 

From a technical perspective, the Equifax breach was a fairly simple hack.  Boiled WAY down the thieves took advantage of an old bug in Apache Struts on an unpatched vulnerable web server and in doing so became a process owner on that server.  This then gave them access to other connected systems.  So with time likely on their side, they roamed the network and made out with the proverbial goods.

In reflection, now that we have had time to digest the response it begs to reason if Equifax did all it could as stewards of our information and data.

So as further reading we’d thought we’d share a great article on the techie part of the how and how it affects us all.

#security #equifaxbreach #hacking

https://www.wired.com/story/equifax-breach-no-excuse/

 

As scammers are always looking for a new way to get you to pick up the phone they have tried many different approaches such as calling you from toll-free numbers, unknown numbers, or international numbers.

But one consistently used tactic is spoofing.  spoofing allows them to change the number being displayed to users receiving the call.  Formerly scammers would spoof any number in your area code to increase answers but now they have simply spoofed your direct number.

Why?  Well, who has their own number blocked or blacklisted?

So beware of you… calling you…

#phishing #scams #phonescams

http://www.goodhousekeeping.com/life/money/news/a46197/phone-scam-own-number/