I’m back!

February 16, 2020 by Dave

My wife Grace just started a blog for a class she’s taking. Seeing her post each week, made me think about how much fun I had blogging years ago.

I had a blog from 2004 to about 2013 with several names including dave.sonic.net, AngryVillagers.net, and FriendsofDave.org. I liked having a place to capture my thoughts. While some people actually did read it, it was mostly for me. It gave me a place for creative expression. When I went back to school to finish my degree in 2014, I didn’t have the time any more to write, so I retired my site. I probably still don’t have any time to write between my job as a Director of Information Technology for my local college, my extra job teaching Linux online for Brigham Young University – Idaho, my responsibilities at home, church, and the occasional consulting job that I pick up. I decided to try to blog again for a while and see what happens. Maybe I’ll run out of time and interest and this one will end up in the bit bucket as well. Until that happens, here we go.

Dark Reading Attacks/Breachs

Chinese APT Groups Targeted Enterprise Linux Systems in Decade-Long Data Theft Campaign April 7, 2020

Organizations across multiple industries compromised in a systematic effort to steal IP and other sensitive business data, BlackBerry says.

Cybercriminals Hide Malware & Phishing Sites Under SSL Certificates April 7, 2020

More than half of the top 1 million websites use HTTPS, researchers report, but not all encrypted traffic is safe.

71% of Security Pros See Threats Jump Since COVID-19 Outbreak April 7, 2020

Phishing is the top threat, followed by websites offering false information about the pandemic, malware, and ransomware attacks.

Using Application Telemetry to Reveal Insider & Evasive Threats April 7, 2020

Data from application processes and other systems leave a trail of threat crumbs that can be used to detect and shut down attacks.

More Attackers Have Begun Using Zero-Day Exploits April 6, 2020

Vendors of offensive cyber tools have made it easy for any threat group with the right funds to leverage unpatched bugs, FireEye says.

Misconfigured Containers Again Targeted by Cryptominer Malware April 6, 2020

An attack group is searching for insecure containers exposing the Docker API and then installing a program that attempts to mine cryptocurrency. It's not the first time.

Microsoft: Emotet Attack Shut Down an Entire Business Network April 6, 2020

The infection started with a phishing email and spread throughout the organization, overheating all machines and flooding its Internet connection.

FBI Warns of BEC Dangers April 6, 2020

A new PSA warns of attacks launched against users of two popular cloud-based email systems.

Mozilla Patches Two Critical Zero-Days in Firefox April 6, 2020

The latest release of Firefox brings fixes for two Critical vulnerabilities already seen exploited in the wild.

Why Humans Are Phishing's Weakest Link April 6, 2020

And it's not just because they click when they shouldn't... they also leave a trail of clues and details that make them easy to spoof