CyberCrowd

Artificial Intelligence (AI) is all the rage, which means the hackers will soon use it to improve their attacks.

What will that mean and what should you do about it?

from blogpost  

There are at least a few Russian attacks (including one against a hospital), but did the Russian attacks also cause a cascading effect?

At T-Mobile there was a 27 million account breach.  Which also caused problems for Google Fi, Might be time to change your sim card if you have a Google Fi mobile account.

Unfortunately enough small businesses do not do what is needed to defend systems against cyberattacks. Here is an example and what to do to prevent cyberattacks from succeeding.

3 actions to take to defend your systems

Discussing some cybersecurity pitfalls, as I try and reboot the podcast with a sound effects board and a conversation with a fictitious small business owner to try and explain the topic - the small business owner needs cyberinsurance.

What are some of the pitfalls and aspects of getting cyber insurance? Cyberinsurance companies are relatively young compared to other insurance companies. So there may be instances if a lot of companies get hacked there may be an incentive for the insurance company to get out of the payout.

To get cyber insurance will have to have a lot of documentation.

my top 5  cybersecurity topics in 2022 on blogsite oversitesentry.com

5. Less than 100 employees are 3x likely to get hacked or attacked.

4. Log4J vulnerability was a problem

3.  What if MFA is hacked? Can be a problem – MFA should be close to foolproof

2.  Microsoft feature is actually a vulnerability (special config to solve)

1. Tencent and other gaming companies are Chinese which is a problem.

Why do we have to prepare for Cyber Attacks and how can we prepare? 10 items to keep in mind while defending your environment.

Get started now - My blogpost is about a threat report from Palo Alto's Unit42 report. I discuss what you can do to prepare for cyber attacks.

Do you want to prevent ransomware? What are 3 steps to prevent ransomware?

1. Education (phishing awareness)

2. Avoid having vulnerabilities

3. Listen to podcast for last step :)

How does a small business (less than 100 computers up to even 200 computers) handle cybersecurity risk?

I discuss the 4 broad categories  of attacks ( criminal hackers, nation-states, anonymous activists, and insiders/script kiddies)  discuss the Risk = Impact * Likelihood. In just ~12 min.

Unfortunately an anomaly in Microsoft drivers signing system within most Microsoft operating systems causes teh possibility of a hacker taking advantage and insert a vulnerable driver.

I discuss this issue - if any questions please ask.

Clarification after questions...

from my blog: Oversitesentry.com

When we travel out of our home area we do different things - those actions sometimes create a profile for the cyber attackers which make it easier to attack. Keep in mind a few items so that the attackers have a harder time. Do not update your software while away for example.

What games do you play? Clash of Clans? Grand Mafia? Or Rise of Kingdoms?  Did you know these apps are developed out of China? What does that mean? Does the 2017 Chinese intelligence law have anything to do with your gaming environment? If you uninstall an app does it really remove everything?

Because many small businesses do not have the resources (no one is dedicated to cybersecurity) many (about30%)  people do not do what is necessary because of "Psychology of Security". This Psychology causes the inattention to cybersecurity as a side effect.

Many people do not want to spend money to possibly save less money.  They would rather not spend money at all and just keep going as they have been. Change is hard, patching is hard, training and more is not easy.

Then on top of that we have many catch22's like I know I need to reboot but I do not want to.   I know I need to spend time on learning social engineering, but ABC excuse. So for us to teach these small businesses is for someone to connect with them and befriend the small business owner so as to work on cybersecurity actions.

This is what the CyberCrowd is !!!!!

Continuing to discuss unrestricted warfare by CRINK (China, Russia, Iran, NorthKorea) and what we need to do to prevent the attacks.

Discuss the top 5 methods to prevent hacks - update/patch, password management, test backup, social engineering, audit your environment.

We have to help each other understand some of these concepts. That is what the Cybercrowd is all about - discussed the Cybercrowd for a bit.

Unfortunately the developers of Horde Webmail have decided not to upgrade anymore, the last straw may have been the latest security vulnerability which is RCE(Remote Code Execution) which is the worst classification.  

Discussing open source, abandonware, and what happens now.

The exchange server hack is indicative of the need for CCP China to control everything, they are very interested in all information which can then be used to populate AI programs for their goals.

This is exactly why I want to create the CyberCrowd movement which will help others understand cybersecurity better. If you understand Cybersecurity you can help others (that may be ignoring for a reason).   All the weak devices on the Internet are making everyone's life harder.

Discussing Book Unrestricted Warfare  and the translation by Robert Spalding "War Without Rules"

The type of attack found after a cyber breach occurred 90% started with Phishing email. 

This 10minute podcast discusses some tips and tricks into spotting Phishing emails. Also a brief intro into Unrestricted Warfare book originating from 2 Chinese Air force officers

Discussing what Cybercrowd is - what vulnerability  management  is -   . For more info the web blog is at oversitesentry.   The Blogpost discussed on this podcast is:  https://oversitesentry.com/log4j-4-month-old-vulnerability-all-is-fixed-right/  . What happens when software vulnerability is found and when it gets  patched (upgraded).  Why are we still vulnerable even when the patch has  been released? Cybercrowd idea is for friends who know about  vulnerability management help others who do not understand. every system  that is vulnerable gives attackers more fuel to attack the rest of us.

My book goto https://fixvirus.com/order-book/