Dave’s LIfe – DavidJohnston.org

I’m back!

February 16, 2020 by Dave

My wife Grace just started a blog for a class she’s taking. Seeing her post each week, made me think about how much fun I had blogging years ago. I had a blog from 2004 to about 2013 with several names including dave.sonic.net, AngryVillagers.net, and FriendsofDave.org. I liked having a place to capture my thoughts. …

Chinese APT Groups Targeted Enterprise Linux Systems in Decade-Long Data Theft Campaign April 7, 2020
Organizations across multiple industries compromised in a systematic effort to steal IP and other sensitive business data, BlackBerry says.
Cybercriminals Hide Malware & Phishing Sites Under SSL Certificates April 7, 2020
More than half of the top 1 million websites use HTTPS, researchers report, but not all encrypted traffic is safe.
71% of Security Pros See Threats Jump Since COVID-19 Outbreak April 7, 2020
Phishing is the top threat, followed by websites offering false information about the pandemic, malware, and ransomware attacks.
Using Application Telemetry to Reveal Insider & Evasive Threats April 7, 2020
Data from application processes and other systems leave a trail of threat crumbs that can be used to detect and shut down attacks.
More Attackers Have Begun Using Zero-Day Exploits April 6, 2020
Vendors of offensive cyber tools have made it easy for any threat group with the right funds to leverage unpatched bugs, FireEye says.
Misconfigured Containers Again Targeted by Cryptominer Malware April 6, 2020
An attack group is searching for insecure containers exposing the Docker API and then installing a program that attempts to mine cryptocurrency. It's not the first time.
Microsoft: Emotet Attack Shut Down an Entire Business Network April 6, 2020
The infection started with a phishing email and spread throughout the organization, overheating all machines and flooding its Internet connection.
FBI Warns of BEC Dangers April 6, 2020
A new PSA warns of attacks launched against users of two popular cloud-based email systems.
Mozilla Patches Two Critical Zero-Days in Firefox April 6, 2020
The latest release of Firefox brings fixes for two Critical vulnerabilities already seen exploited in the wild.
Why Humans Are Phishing's Weakest Link April 6, 2020
And it's not just because they click when they shouldn't... they also leave a trail of clues and details that make them easy to spoof