Mischel Kwon and Associates LLC (MKA) is a minority, women-owned small business focused on security architecture, cyber tool development, testing and integration, security operations, and cyber defense. MKA’s skilled cyber technologists provide architecture, tools, policy and process that enable defensive security for mission-focused networks.
Read the full story »
Hack »
Don’t Be a Victim of a Phishing Attack
Criminals and hackers have been extremely sophisticated in creating phony, but authentic looking e-mails that seemed to have originated from legitimate companies. If you receive an e-mail that you believe to be a phishing attempt, do not reply to it since by doing so will just validate the e-mail address is correct. Trust me, you do not want that to happen.
New Trojan Malware Attempts to Hijack Facebook Accounts
Microsoft recently announced that it had found a malicious browser extension making the rounds on Mozilla Firefox and Google Chrome that, when downloaded, attempted to hijack users’ Facebook profiles.
Mozilla pushes out new Firefox and Thunderbird: 8 security advisories, 3 critical fixes
A posting from Naked Security about Mozilla pushes out new Firefox and Thunderbird: Not to be outdone by Microsoft’s and Adobe’s Patch Tuesday releases, Mozilla pushed out its latest browser and email client updates today. The Firefox browser goes to 21.0, on Android as well as on desktops. (You don’t install browsers on your servers, do you?) The Thunderbird email client is only available in an Extended Support Release [...]
U.S. Cyber Command Head General Alexander To Keynote Black Hat USA 2013
A posting from Dark Reading in there New section: Major information security event Black Hat has announced that General Keith Alexander — Commander, U.S. Cyber Command/Director, National Security Agency/Chief, Central Security Service (NSA/CSS) — will present the Day One keynote address at Black Hat USA 2013 in Las Vegas this July.
In 2010, the U.S. Senate confirmed GEN Alexander [...]
Web Application Testing Using Real-World Attacks
A posting from Dark Reading in there Vulnerability Management section: Vulnerability management and scanning systems typically combine a number of techniques to assess the risk faced by a business’s information technology, from scanning files and evaluating the current patch level to launching attacks and testing for practical vulnerabilities.
While assessing patch level tends to be the most reliable way [...]
Anonymous Taiwan takes down multiple Philippines Govt. Websites and Leaked Confidential data online
Anonymous Taiwan takes down multiple Philippines Govt. Websites and Leaked Confidential data online
Microsoft warns of new Trojan hijacking Facebook accounts
A posting from Cnet News in there Security & Privacy section: Microsoft has issued a warning that a new piece of malware masquerading as a Google Chrome extension and Firefox add-on is making the rounds, threatening to hijack Facebook accounts. First detected in Brazil, Trojan:JS/Febipos.A attempts to keep itself updated, just like normal, legitimate browser extensions, [...]
Outbreak! Fake Amazon UK emails spammed out, delivering malware
A posting from Naked Security about malware : Beware! A spate of malicious emails have been spammed out by online criminals, disguised as legitimate communications from the UK branch of online retail giant Amazon. In a widespread attack, email messages have been distributed designed to trick computer users into opening an attachment disguised as information about an order for an [...]
3 Big Mistakes In Incident Response
A posting from DarkReading from there Security monitoring section: The incident response specialist investigating a recent breach of a government services firm was convinced the attack he was investigating was the handiwork of a group of Chinese hackers. The type of malware he found was commonly associated with that group of attackers, so he concentrated his efforts on cleanup and analysis [...]
Is Application Sandboxing The Next Endpoint Security Must-Have?
A posting from Dark Reading in there Endpoint Security section : With the onslaught of zero-day attacks continuing to increase the barrage of unanswered threats against endpoints, there’s a growing contingent of security advocates championing the addition of a virtualized container layer in the endpoint security mix. Analyst predictions are rosy for the virtual containerization [...]
Sony hacking suspect smashes computers to get out of prosecution
A posting from Naked Security: A 23-year-old man suspected of helping to hack into Sony’s PlayStation Network got out of being penalized for the crime by smashing his computers and making his hard drives disappear.
Todd M. Miller, of Columbus, in the US state of Ohio, was sentenced on Thursday to a year on house arrest for obstructing a [...]
May Patch Tuesday coming up – Microsoft still not sure if latest 0-day fix will make the cut
A posting from Naked Security on patch Tuesday : Microsoft’s Patch Tuesday for May 2013 will be published in the coming week.
It’ll be out on Tuesday 14 May 2013. (Wednesday 14 May for everywhere from about Malaysia eastwards.)
Here’s the elevator pitch:
33 vulnerabilities identified and fixed.
Ten separate patches.
Eight rated Important. (Apply ASAP.)
Two rated Critical. (Apply immediately.)
A reboot is required.
Loosely translated, Microsoft’s [...]
Indian government investigates firms at center of global cyber heist
A posting from NBCNEWS in there technology section about Indian’s government investigates firms at center of global cyber heist: MUMBAI/BANGALORE, May 12 (Reuters) – The Indian government’s cyber watchdog is investigating how security at two companies that are part of the country’s vast IT services industry was breached in a global ATM heist that saw $45 million stolen [...]
US cyberwar strategy stokes fear of blowback
A posting from NBC NEWS in there technology section: WASHINGTON (Reuters) – Even as the U.S. government confronts rival powers over widespread Internet espionage, it has become the biggest buyer in a burgeoning gray market where hackers and security firms sell tools for breaking into computers.
The strategy is spurring concern in the technology industry and intelligence community that [...]
Microsoft rushes out CVE-2013-1347 “Fix it” for the latest Internet Explorer zero-day
A posting from Naked Security: Remember the US Department of Labor hackwe wrote about at the beginning of the month?
A microsite off the main web page was compromised and used to serve up a drive-by download cocktail that aimed to infect your computer surreptitiously.
The vulnerability that was exploited in the drive-by turned out to an unpatched [...]
Nordstrom tracking customer movement via smartphones’ WiFi sniffing
A posting from Naked Security:
You’ve spent quite some time in the lingerie department, but you haven’t even peeked at our display of Bose® ‘OE2′ Audio Headphones, which were $149.95 but are now ONLY $134.96! Can we talk?”
OK, so that’s not exactly what Nordstrom says it’s planning to do with the information it gleans from tracking [...]
Senate Bill Calls For ‘Watch List’ Of Nations Cyberspying On U.S., Trade Sanctions
A posting from Dark Reading in there Advance threats section:
In a week that began with the rare move of the Pentagon calling out the Chinese government and military for attacks on U.S. government networks, some key senators have drafted a bill that would create a watch list of nations conducting cyberespionage against the U.S., and spell out [...]
Unpatched Remote Access Tools: Your Gift To Attackers
A posting from Information Week in there Security section:
Help desk teams love remote-control software. When employees call with computer problems, the IT department can remotely take control of the user’s machine, copy over files and set all application and operating system wrongs to right.
Unfortunately, they’re not the only group interested in putting TeamViewer, Symantec PCAnywhere, [...]
Pentagon OKs Androids, BlackBerrys for soldiers
A posting from Naked Security about the Pentagon OKs Androids, BlackBerrys for soldiers:
The US Department of Defense (DoD) announced on Thursday that it has approved the use of Samsung phones running a hardened version of Android.
According to the BBC, the approval for other types of smartphones and mobile devices for use by US soldiers is coming soon.
Specifically, [...]
Metasploit Module Released For IE Zero-Day Flaw Used In Labor Attack
A posting from Dark reading: A targeted attack discovered last week serving up malware from the U.S. Department of Labor’s (DOL) website employed a previously unknown vulnerability in Internet Explorer 8 that Microsoft says it will fix either with an emergency patch or via its monthly patch process.
And as is tradition, Metasploit also has quickly [...]
5 Ways For SMBs To Boost Security But Not Costs
A posting from Dark reading: For many businesses, improving their security seems like the proverbial money pit: but it doesn’t have to be that way.
While the time crunch of attending to the demands of the daily business has typically created an accumulation of security problems for many businesses, information technology professionals at SMBs can improve their [...]
Sweet Password Security Strategy: Honeywords
A posting from Information Week in there security section: Businesses should seed their password databases with fake passwords and then monitor all login attempts for use of those credentials to detect if hackers have stolen stored user information.
That’s the thinking behind the “honeywords” concept first proposed this month in ”Honeywords: Making Password-Cracking Detectable,” a paper written by Ari Juels, chief scientist at [...]
Malicious link on Facebook distributing Fake Adobe Flash Player add-on; Hackers Hijacking your Online Accounts
A Malicious Link is nearby you on Facebook which claims to give you the info that who viewed your profile but on the name of that gives you the fake and Malware filled browser add-on of Adobe Flash Player.
Loading ...
Most Commented
- Information Security vs Information Privacy
- DNSChanger Malware: Produced by US-CERT
- 'Kali Linux' or 'BackTrack 6' has been released with more than 300 penetration testing tools, completely free
- Core Security Technologies present IT SECURITY WEBCAST with Ed Skoudis, Josh Wright, and Kevin Johnson
- "Guy Fawkes Virus" May Be The Cause for Offensive Facebook Images
Follow Us!