DEFCON.jpgWhat is the DEFCON Convention?

The DEF CON convention is one of the world's largest hacker conventions, held annually in Las Vegas, Nevada with the first DEF CON taking place in June 1993. Many of the attendees at DEF CON include computer security professionals, journalists, lawyers, federal government employees, security researchers, students, and hackers with a general interest in software, computer architecture, phone phreaking, hardware modification, and anything else that can be "hacked."

What does this mean for Me and You?

The meaning behind this is simple and obvious, there is a LARGE convention where hackers go and show off their new skills, new hacking technology, and even go to show off what kind of damage they can do. As this convention grows, so does the possible threat of someone going back to their hometown and using what they learned on you or your company! Just as these hackers are sharpening their tools, your company should be doing the same via cyber-security!

The Positive Side

On the positive side of this otherwise dark convention, a lot of cybersecurity professionals and software engineers also attend this event to help find loopholes in big-name companies and programs to help strengthen cyber defense. So, hackers go to show off their skills and new technology, and the “good guys” come and try to figure out how to stop it. 

 

 


 

What is Blockchain Technology?

Blockchain is the digital and decentralized ledger that records all transactions. Anytime someone buys digital currency on a decentralized exchange, sells coins, transfers, or buys goods and services with virtual currency, a ledger records that transaction, often in an encrypted way to protect against cybercriminals. All these transactions are recorded and processed without a third-party provider or bank, which is usually the case.

Why was Blockchain Invented?

Banks almost always serve as an intermediary of currency transactions, thus taking their cut in the process. Blockchain developers want the ability to process payments without a need for this middleman. For example, when transferring money to overseas markets, a payment or transaction could be delayed for days waiting for a bank to verify it. People argue financial institutions shouldn’t tie up cross-border payments for such a long time.

Are Blockchain Transactions Anonymous?

Despite popular belief, most blockchain transactions aren't anywhere near as private or anonymous as you'd like to think. Even though you don't have to provide a Social Security number or bank account when buying or selling cryptocurrencies, an analysis of a blockchain can often be traced back to an individual sender or receiving of funds. There are however certain “privacy” coins to counteract this. 

 


 

Popcorn Time Ransomware:

This type of Ransomware gives you a “choice.” If possible, you could just pay out the one bitcoin ransom (currently $8,500-$9000), or you are able to download the virus and infect two other friends or coworkers.  Once the people you have sent it to pay the ransom, you get your data decrypted (maybe). This is one way hackers spread their viruses.

Bad Rabbit:

A type of ransomware that has impacted organizations in Russia and Eastern Europe. Bad Rabbit is passed along through a fake Adobe Flash update on breached websites. When the ransomware infects a machine, users are directed to a payment page demanding .05 bitcoin.

CTB-Locker:

With CTB-Locker, hackers outsource the infection process to partners in exchange for a cut of the profits. This is a proven strategy for achieving large volumes of malware infections at a faster rate. CTB Locker is delivered through aggressive e-mail spam campaigns.

Jigsaw:

Jigsaw encrypts and progressively deletes files until a ransom is paid. The ransomware deletes a single file after the first hour, then deletes more and more per hour until the 72-hour mark, when all remaining files are deleted.

 


 

YouTube’s most watched video, ‘Despacito’ was apparently deleted by hackers. The artist Luis Fonsi’s music video, which had over 5 billion views was deleted and replaced with a cover photo showing the apparent hackers. The hackers in the picture are seen to be wearing masks and pointing guns reported by BBC.

 

That’s not all

The hackers, referring to themselves as Prosox and Kuroi’sh, defaced more than a dozen artists’ videos. Some of the known artists include: Shakira, Selena Gomez, Drake and Adele. The hacker identified as “Prosox” also tweeted saying: “@YouTube it’s just for fun I just use script ‘YouTube-change-title-video’ and I write ‘hacked’ don’t judge me I love YouTube <3”. Vevo can confirm that several videos were subject to a security breach, which has now been contained.

 

What Does This Mean?

No matter how big the company or business is, cybersecurity is essential. Modern day hackers are not only smarter but have access to more powerful tools than ever used before. Cybersecurity is today’s top industry worry and will most likely be this way for some time to come.

 despacito_hack.jpg


 

 

Ransomware is one of the most prevalent variety of malicious software, found in 39% of malware-related causes. Once the malware is on your computer, your data is then encrypted (essentially locked) and to get your data back, you would need to come up with a “ransom” normally in the form of Bitcoin. Even though a ransom is asked of you and even if you pay it, you STILL may not get your data back.

 

Major Findings in Summary

  • The human factor continues to be a key weakness as employees are still falling victim to social attacks.
  • Phishing attacks cannot be ignored, a cybercriminal only needs one victim to get access into an organization’s network.
  • Based on Verizon’s dataset, ransomware started impacting critical systems rather than just desktops. Due to this, cybercriminals are asking for higher ransoms for less work.
  • 72% of attacks were perpetrated by outsiders, 27% involved internal staff, 2% involved partners and 2% featured multiple partners. Organized crime groups still account for 50% of the attacks analyzed.

 

ransomwareImage.jpg

What Does This Mean?

“Ransomware remains a significant threat for companies of all sizes,” says Bryan Sartin, Executive Director of Security Professional Services, Verizon. “It is now the most prevalent form of malware, and its use has increased significantly over recent years. With all this happening and cybercriminals becoming smarter, businesses continue to still not invest in the proper security training or professional security protection.


 

 

atlanta.jpgWhat’s Happening?

On the morning of March 22, a remote ransomware attack trapped the city of Atlanta’s data behind an encrypted wall.  The only way the city can remove this wall is to give the hacker or hackers $50,000, for now, the city is working to come up with a solution to get past the virtual attack without paying its ransom. The attackers gave the city until Wednesday to pay it off. The city is bringing in the “best in class external partners” to guide the fix, according to Atlanta news station WSB-TV.

The Warning

Experts have warned that cybersecurity is likely the next great security threat for companies and governments around the globe. Most systems in use today are simply not prepared, and Atlanta is not the first of cities to have been hit with virtual attacks. Although some companies have ramped up security following these types of attacks, as Atlanta plans on doing, cities still aren’t adapting their security before an attack happens.


The Auto-Driving Vehicle

Uber set its sights to the future in hopes of replacing human drivers with Artificial Intelligence (AI) vehicles through its self-driving program. In 2016, Uber users in Pittsburg were able to request self-driving vehicles to take them to their designated locations.  These autonomous cars use radar, cameras and LiDAR to detect obstacles and pedestrians in their path. While the car does drive itself without the need of a human driver, a supervisor is placed in the car to make sure things are running smoothly. 

The Accident

The future of Uber’s self-driving car program is looking dull in the state of California. A video that went viral showed an Uber self-driving accident unfold. In the video you could clearly depict both internal and external views of the Uber vehicle, as well as the Uber’s safety driver looking down at their phone, as suddenly a pedestrian crosses paths with the vehicle, being struck and killed. The local police deemed the accident “unavoidable.”

The Future of Self-Driving Vehicles

The company announced it will not renew Uber’s permit through the state’s DMV to continue testing a fleet of AI driving vehicles. With this accident in mind, it brings up serious questions and some of those questions are, with this recent accident are we ready for AI vehicles in today’s society? What could this mean for AI like Humans?

selfDrivingCar


 

Ransomware in the Cloud

In the past year, we have seen a plague of ransomware attacks, with big and small targets including Britain’s National Health Service, San Francisco’s light-rail network, and big companies such as FedEx. Ransomware is a relatively simple form of malware that breaches defenses and locks down computer files using strong encryption. Hackers then demand money in exchange for a digital key to unlock their data. Victims will often pay, especially if the material encrypted hasn’t been backed up.

Spam, Phishing, and Social Engineering

Human error is the leading cause of data breaches. Unpatched software and social engineering are the causes for most attacks.  We should expect to see even more attacks like these as time goes on. Fortunately, the problem of human fallibility may have a budding solution in the form of Artificial Intelligence (AI). In the meantime, MVP provides a human Security Training that can train your staff on what threats to look for and what scams to not fall for. Find more information at www.mvpworks.com/PIIProtect  

Artificial Intelligence-powered attacks?

AI can be used to automate the collection of certain information, perhaps relating to a specific organization which may be sourced from support forums, social media platforms and more. Additionally, AI may be able to assist hackers when it comes to cracking passwords by narrowing down the number of probable passwords based on geography, demographics and other such factors. This calls for MORE cybersecurity solutions than ever.  

 


 

brain.pngSam Altman, an American entrepreneur, investor, programmer and blogger has just spent a whopping $10,000 with a start-up company to one day, preserve his brain. According to MIT Technology review, Sam is but 1 of 25 other people who have put down a $10,000 refundable deposit to join a waiting list at Nectome, a company whose sole purpose is to archive your mind.

The Catch…

While being on a waiting list to have your brain archived may seem cool and something to do out of the ordinary, there’s just one tiny catch. Nectome’s Co-founder Robert McIntyre, told MIT Technology Review, that the process is “100 percent fatal”. That’s right, the tiny catch is you must die.

The Procedure

The company needs to embalm a living brain for it to potentially be stimulated later by a computer. The living person or customer, would be hooked up to a machine, and then pumped full of Nectome’s custom embalming fluids and chemicals. Oh yeah, this is where the death part happens. According to Co-founder Robert McIntyre, the user experience is compared to a “physician-assisted suicide”.

 

 


 

What is the “Surface Web”?

It is best to imagine the Web as an entire ocean: the surface web is the top of the ocean which appears to spread for miles around and is the easiest part of the ocean to see or "access". You can access the surface web using any of the main search engines (Google, Bing, Yahoo etc.). You are on the surface web for example when you are buying from Amazon or reading the daily news.

What is the “Deep Web”?

The Deep Web was also part of the web at its conception, and in simple terms, it is the opposite of the surface as it is anything that search engines cannot find. This is the key difference between the two in real data terms; sites on the surface internet are indexed for search engines to find, but the deep web is not indexed. Both are available to the public, but special software is needed to access the deep web.

What is the “Dark Web”?

 The Dark Web IS part of the Deep Web, but it has one major difference in that it has been intentionally hidden and is inaccessible to normal web browsers. The technology to create the Dark Web was initially created (and still funded) by US Military Researchers in the mid-1990s to allow spies and intelligence agencies to anonymously send and receive messages. Named "The Onion Router", it was quickly coined with the shorter "Tor" with its name coming from application layer encryption within a communication protocol stack; many layers representing the layers of an onion.

 


 

Elon_Musk.jpgScammers are posing as celebrities, like Elon Musk, and using their status as a way to get innocent people to give them crypto-currency. These scammers are using similar usernames to the genuine accounts, making them seem more credible.

How Does The Scam Work?

While scammers are impersonating Elon Musk (whose fans were a real target) they then post replies to popular tweets made by the real Elon Musk. This gives their deceiving messages prominence when targeting the celebrity’s fans.  The scammers then ask people to send them small amounts of crypto-currency, offering to send a larger amount back as part of a giveaway.

How To Avoid Being Scammed

The golden rule here is “If it sounds too good to be true, it probably is.” Celebrities are most likely not going to ask you for money to give you back more in return. This concept doesn’t make much sense to begin with, as they have a large amount of money at the start. Celebrities like Elon Musk also have a blue checkmark next to their name to symbolize a genuine account. Never give your password, or any other information to anyone you don’t personally know very well over the internet.


 

 

 

EEG-Headset.jpgEEG is an electrophysiological monitoring method to record the electrical activity of the brain. These headsets allow people to make a ball float in front of them, simply by using their brainwaves. EEG, however, is most often used to diagnose epilepsy, by being able to sense abnormalities in the brain.

Hackers and Brainwaves?

Researchers at the University of Alabama at Birmingham suggest that brainwave-sensing headsets, known as EEG (electroencephalograph) headsets, need better protection and security. A recent study revealed hackers could guess a user’s password by monitoring their brainwaves. How jaw-dropping is this? Now we need to worry about hackers hacking our brains?

What Does This Mean?

In a real-world attack, if more and more people begin utilizing these headsets for gameplay, Virtual Reality, and/or school or work a hacker could facilitate the step required for the malicious program to be initiated through the headset. This program begins by requesting that the user enter a predefined set of numbers to restart the game/program being played or used, after pausing it to take a break, like the way CAPTCHA is used to verify users when logging onto websites. Hackers are becoming more creative as well as dangerous. Understanding how to protect yourself has never been more relevant.


 

A small robotic dog named “SpotMini” can act as a human assistant in home or office. Unlike other robots by Boston Dynamics, SpotMini isn’t designed to help people in a disastrous situation, but more meant to be a vaguely cute home or office robotic pet. However, is this cute robotic dog now being trained to fight back against humans?

The Robo-Dog That Could

An amazing video of SpotMini went viral after fighting off a human as he tries to open a door. Not only is this slightly uncomfortable and even a little creepy, but the real question is: Why are we teaching robots to fight back against humans?

Enjoy Robots?

If you enjoyed reading this short summary on SpotMini, be sure to check out the video of the door opening robot dog here: https://www.youtube.com/watch?v=W1LWMk7JB80

Also, be sure to check out Boston Dynamics for tons of robot videos on YouTube.

Robot Dog


 

caduceus

In 2017, the healthcare industry was reported to be hit most frequently by a variety of cyber-attacks. The United States was reported to be the country with the MOST cyber- attacks in the world. That makes the healthcare industry in the U.S. the most targeted and breached industry in the world. Still feel safe?

The Statistics

Here are the top targeted industries hit by ransomware in 2017.

  1. Healthcare: 45%of cross-industry ransomware incidents.
  2. Finance: 12%
  3. Professional services: 12%
  4. Manufacturing: 7%
  5. Education: 6%
  6. Retail: 6%

(Beazley, 2017)

That’s Not All…

The Healthcare industry is also the main target for something known as a W-2 phishing scam. How does it work? Well, cybercriminals use multiple spoofing techniques to mask an email to make it look as if it is from the organization’s executive. The masked email is then sent to an employee in the payroll or human resources department, requesting a list of all employees and their W-2 forms .  According to IRS commissioner John Koskinen, “This is one of the most dangerous email phishing scams we’ve seen in a long time”.

Make sure you and ALL of your employees are as informed and protected as possible. Visit our website to learn more at www.mvpworks.com


 

What is Bitcoin?

bitcoinBitcoin is a new digital currency that was created in 2009 by an unknown person using the alias Satoshi Nakamoto. Transactions are made with no middlemen – meaning, no banks! Much of the hype around Bitcoin today is from getting rich by trading it.

How is Bitcoin Used?

While most people are now using Bitcoin as a source of investment hoping for a healthy return, its original use was not for that. The idea behind the technology has always been and remains - one of decentralization - that is, remaining completely independent of a central authority, like a bank, a government, or a country. This privacy is the main reason many users use bitcoin on the “Dark Web.”

Should You Invest in Bitcoin?

As with any investment, this question comes with a set of questions you should ask yourself first:

Do you have the money to risk?

Do you understand fully in what you’re investing in?

What is driving the investment decision?

With these questions in mind, it’s important to understand the risks involved with any investment, especially one as unpredictable as bitcoin is.