Buisness email compromise and email account compromise are on the rise, there's no doubt about it. With over $12 billion in losses since 2013, it's also an extremely lucrative attack vector for the bad actors. With all the work that goes into social engineering these types of attacks, it's no wonder attackers have started looking into less strenuous methods for compromising the systems and addresses that they are targeting.
The Ghost in the Machine
Some say that Robert Tappan Morris, created a monster and unleashed the greatest evil in the world that we know today, the Morris Worm. On November 2, 1988 Morris was working on a graduate project at Cornell University and "inadvertently" shut down over 10% of the internet. There are conflicting viewpoints as to whether or not Morris' experiment was malicious. While he did build in code to slow the worms advance rate down, it wasn't enough, and it quickly got out of control.
Black Friday is just around the corner, and many people will be out trying to get their hands on the latest gadgets for their loved ones. I will not be apart of that, I've stuck my head out on Black Friday once or twice in my life and regretted it every time. Something as simple as getting a replacement USB cable for a device turned into a 4 hour excursion, where 3 1/2 of those hours were waiting in line to check out.
The Financial Times recently released an article written by the Chief Executive of Cambridge Quantum Computing, Ilyas Khan, about why quantum proofing our cyberspace is needed now. With the advent of the first quantum computers this year, it won't be long now before current encryption standards are cracked by computers more powerful than the ones we currently know and use. It's a very thought provoking article.
DIY cloud storage, email and web server architectures have been around for ages, though they do have some downfalls. For the uninitiated, the process can be quite complex. Finding server software in the price range of cheap to free can oftentimes lead to risky security vulnerabilities on your network. Then there's the issue of maintaining a static IP address with your ISP and reverse DNS lookups. All this and more is why most folks tend to rely on companies, such as Google, Apple and others, to provide those services.
Smartphones make our lives easier in almost every way. They allow us to hail a cab, order dinner, shop for groceries, and look up the information that you had in your head 2 seconds ago and lost. With all that computing power, one would think that security updates should be a top priority as our phones probably have more information than our desktops or laptops. Where most desktops and laptop operating systems are patched monthly, most phones aren't patched nearly as often, if ever. Phone manufacturers have had the say of which phones they create will get security patches.
For those of you who may use or even peruse Tumblr, now may be the time to change passwords and take other such security measures. Just today Tumblr posted an announcement stating that a flaw was found in their "Recommended Posts" widget. The flaw was reported by a security researcher and sent to Tumblr's Bug Bounty program. The flaw was large enough that Tumblr won't even reveal the full details of the bug.
What's scarier than that weird guy on the block that decides to decorate his house for Halloween in August? The answer, military weapon systems being hacked in less than an hour by two people. Yes, you read that right.
The more I dive into the world of cybersecurity threats and vulnerabilities, the more I wish I could just stay at home and not have to worry about any of it. It's a scary thing...
So, I'll admit the title of this post is stolen from the genius young man in Australia who was able to successfully hack into Apple's private systems, not once, not twice, but numerous times downloading over 90GB of data. Now I don't condone this sort of thing, but a tech giant as big as Apple should have known better, and while what the boy did was wrong, he did it because he wanted an insider look into the company that he aspired to work for as an adult.