Definition:  Remote Access

The ability to access your computer from a remote location.  Programs allow users to control remote computers from their local machine.  Most remote access programs allow users to transfer files between the local and remote machines.  

Although this can be useful for people who sometimes work from home and for server administrators who frequently need to update and make changes on their server machines, it is not advisable to enable the feature unless you absolutely require remote access.  Having remote access requires a higher level of CyberSecurity.

Definition:  Web Server

A computer system that hosts websites.  Any computer can be used as a Web server, as long as it is connected to the Internet, and has the appropriate software installed.  However, most Web servers are 1U rack-mounted systems, meaning they are flat, trimmed down computers that can be mounted on a server rack.  Most Web Hosting companies has several server racks, each which contains multiple servers.  

“Shared Hosts”:

Web servers that host websites for multiple users are called “shared hosts”.  This is the most common type of hosting solution, and is used for personal sites, small business sites, and websites run by small organizations.  

“Dedicated Hosts”:  

Web Servers that only host websites for a single person or company are called “Dedicated Hosts”.  These types of servers are appropriate for high-traffic websites and sites that require custom server modifications.

Like-Farming Scams:

The process of gathering likes for a particular social media page through a combination of emotional exploitation, manipulation, and deception.  This will involve CyberCriminals posting a string of posts designed specifically to capture followers for a Facebook page, which can then be later used for a variety of nefarious uses.  

The list of followers can be used by the CyberCriminals for further spear-phishing, or sold to other CyberCriminals for their spamming use, or to marketing outfits.

Threat Level:  HIGH

This attack could pose a serious security threat.  

Description

Malicious toolkits contain various exploits bundled into a single package.  Victims, on visiting the website containing the malicious server hosting exploit toolkit, is attacked with several different methods exploiting different vulnerabilities.  

What to Do

Take immediate action to stop any damage or prevent further damage from happening.

Got Cyber-Bugs?

Call 1-204-800-3166

For Cyber-Extermination!

Master Boot Record

aka:  MBR

 

A small program that is executed when a computer is booting up, which identifies how and where an Operating System (OS) is located so that it can be booted into the computer’s main storage or Random Access Memory (RAM).  Typically the MBR resides on the first sector of the hard drive.

The MBR is also sometime called the Partition Sector because it includes a table that locates each partition that the hard disk has been formatted into.

The MBR also contains a program that reads the boot sector record of the partition containing the Operating System to be booted into RAM.  That record contains a program that loads the rest of the Operating System into RAM.

Definition:  Social Engineering

A method of intrusion CyberCriminals use that relies heavily on human interaction.  It often involves tricking people into breaking normal security procedures, and providing confidential information.

It often involves emails that look legitimate, and request the victim to click on a link or to enter confidential information.  The email usually asks the victim to ‘confirm’ their identity by entering confidential information (either by replying to the email, or by clicking on a provided link to an official-looking website), or to prevent negative consequences (avoid fees/penalties, jail time, legal charges, etc).

The emails usually target the end-user (any computer user in an organization), and relies on the lack of Social Engineering training for end-users.

It is the greatest threat that organizations encounter.

Since its 1st appearance in June 2014, the Dyre Trojan has reportedly been used in a succession of phishing campaigns across the globe, including attacks against major brand names such as the Royal Bank of Scotland, Citigroup, JPMorgan Chase, and Bank of America.  The current target list now includes more than 100 banks, with new banks being targeted on a weekly basis.

Dyre Trojan has created industry-wide concern.

At the heart of the Trojan’s successful man-in-the-middle (MitM) attacks is a technique called “browser hooking”.

This technique allows the malware operators to route unsuspecting customers to fake banking websites, where their PC is infected with malware, and the user is tricked into surrendering their login credentials.  The stolen credentials are then used to conduct an account takeover (ATO) from a spoofed device, through a proxy, or directly from the infected PC, by use of remote access tools.

Attempts to stop Dyre attacks with traditional fraud controls (antivirus, authentication, statistical risk engines, and device IDs) have proven ineffective.

Definition:  Beta Test

1.  Software Development:

A beta test is the 2nd phase of software testing in which a sampling of the intended audience tries the product out.  This is to give the ‘product’ a “real-world” test, and partly to provide a preview of the next release.  In software, they usually use customers who volunteer to test the product.

2.  CyberScam:

A beta test is the ‘test’ phase of the scam, in which a small sampling of the intended population (usually on 1 or 2 states of the U.S., since they are abundantly populated).  This is to test the effectiveness and response to the scam, and to highlight any changes to the scam that may need to be done prior to the real release of the scam on the entire intended population.

Definition:  Netizen

aka:  CyberCitizen

An entity or person actively involved in online communities, and a user of the Internet, especially an avid one.

Definition:  HotSpot

A physical location that offers Internet access over a wireless local area network (WLAN) through the use of a router connected to a link to an Internet service provider.  HotSpots typically use WiFi technology.