Amazon shoppers and users beware! There is a new Locky ransomware campaign targeting you. Please take the time to closely inspect your email messages and take caution when receiving unexpected attachments. It is highly unlikely that Amazon would ever send you a Word document, so don’t click. Simply delete!
Month: May 2016
Microsoft Warns of ZCryptor Ransomware with Self-Propagation Features
Please take a moment to review this information concerning ZCryptor. This type of ransomware is particularly disturbing due to its worm-like characteristics.
Microsoft May Ban Your Favorite Password
I fully realize this decision by Microsoft is going to annoy a variety of people, but frankly this type of obvious, heads up change should be made by vendors across the industry. Weak passwords are stupid. It is as simple as that. People need to comply and move forward.
http://www.securityweek.com/microsoft-may-ban-your-favorite-password
PCI Standard’s Multi-factor Authentication Mandate Delayed ‘Til 2018
To all of my friends out there working in a PCI-applicable environment, this is good and very relevant news. You have been granted a reprieve. A couple of the more difficult compliance requirements in DSS 3.2 (SSL/TLS & multi-factor authentication) have been deferred until 2018. Please take this time to plan and implement accordingly.
http://www.infosecurity-magazine.com/news/pci-standards-multifactor/
Windows 10 – Microsoft U-turn on ‘nasty trick’ pop-up
In all honesty, this never should have happened in the first place. What Microsoft did was truly sneaky and nasty, so this reverse in course was very much warranted.
Securing Business-to-Business Environments
Marketing value aside, this is good, sound advice from the team at Fortinet. Please take a moment to review the recommendations in this article and consider the value of segmentation and monitoring for your B2B connections.
http://blog.fortinet.com/2016/05/25/securing-business-to-business-environments
Bad guys jump ship to CryptXXX after TeslaCrypt authors release decryption key
Cut the head off one Ransomware version and at least one more pops up and takes its place. It looks like the shift from Teslacrypt has already begun. Please beware of this new shift in attack vectors.
