now browsing by tag


#childpredator | Predators among us: TTPS to launch sexual offences unit | Local News | #parenting | #parenting | #kids

Predators are among us! In the last week alone, more than 10 cases of sexual assault against minors were heard in the courts and today, two more men were expected […] View full post on National Cyber Security

#sextrafficking | Local moms marching against child sex trafficking | #tinder | #pof | #match | romancescams | #scams

_________________________ MEDFORD, Ore. – A nationwide outcry against child trafficking is being heard in the Rogue Valley.  Several residents in Northern California and Southern Oregon are putting on events this […] View full post on National Cyber Security

#sextrafficking | Local Anti-Sex Trafficking Nonprofit To Host Virtual Fundraising Event | #tinder | #pof | #match | romancescams | #scams

_________________________ Love’s Arm will host the “Lights On” Campaign fundraiser on Aug. 30 from 7-9 p.m. via a Facebook Live event. The event allows donors to sponsor “a day of […] View full post on National Cyber Security

#deepweb | Local Search and Rescue Assists Iditarod Mushers Stuck in Overflow – KNOM Radio Mission

Source: National Cyber Security – Produced By Gregory Evans

Nome Search and Rescue responded to the call to rescue three Iditarod mushers from overflow near the Solomon River late Friday morning.

Just before 9am Friday, Jim West Jr., the head of Nome Volunteer Ambulance Department, received a call from Mike Owens of the Iditarod Trail Committee. When West heard three teams were stuck in overflow he realized they would need more than just a group of snowmachiners to get them out. So, West contacted the Alaska State Troopers and Alaska National Air Guard.

Because we didn’t know how bad these guys were, if they were wet or hypothermic or if hypothermia had set in. They called RCC and RCC released the helicopter to us, I sent down two EMTs in the helicopter along with a couple of dog handlers from Iditarod and they flew down while the ground crew took off.”

The RCC is the Rescue Coordination Center.

West described the mushers Sean Underwood, Tom Knolmayer,
and Matthew Failor as having some minor injuries and signs of hypothermia.

“The one couldn’t feel his legs, probably frostbite on his toes. And nothing blistering or anything like that but when you spend so much time out there on the water the cold water just sucks everything right out of your body. You don’t have enough energy to do anything.”

The mushers were able to walk themselves to the
helicopter and be taken to Nome for medical treatment. Their encounter with
overflow was only part of a very difficult overnight trip in the winter storm.

“They said they had left White Mountain last night at about 11 and battled wet, soft snow and waist-deep water …”

Dog handlers mushed the teams of sled dogs to Safety Roadhouse where they could be examined by an Iditarod veterinarian before being transported to Nome. Iditarod Race staff are re-working the trail from Elim to Nome so that the remaining 11 teams can complete the 1,000 mile race.

Source link

The post #deepweb | <p> Local Search and Rescue Assists Iditarod Mushers Stuck in Overflow – KNOM Radio Mission <p> appeared first on National Cyber Security.

View full post on National Cyber Security

#cybersecurity | #hackerspace | Securing Windows 10 with Local Group Policy

Source: National Cyber Security – Produced By Gregory Evans Introduction When it comes to quickly making wide-ranging modifications to Windows systems, Group Policy is usually at the top of the list for ease-of use and raw power. The problem is that most people think of Group Policy as this all-encompassing voodoo that is only for […] View full post on AmIHackerProof.com

FBI Expands Election Security Alerts Beyond Victims to State, Local Officials

Source: National Cyber Security – Produced By Gregory Evans by DH Kass • Jan 20, 2020 The Federal Bureau of Investigation will now notify state officials when a local election has been hit by hackers, a course reversal from a prior closed door policy not to extend notification beyond victims of cyber attacks. A protracted […] View full post on AmIHackerProof.com

Local #company’s #system #hacked; employee #info #stolen

Source: National Cyber Security – Produced By Gregory Evans

 Green Bay Police say they are investigating the hacking of a local corporation’s computer network, resulting in the theft of “significant amounts of money” from victims in the organization.

Police did not immediately identify the company that was attacked. Action 2 News will work to find that out.

Officers say the hackers stole human resources information.

“In this case, it appeared the cyber actors utilized a known vulnerability to access the company’s computer systems and human resources software to steal personal identifying information from employees,” reads a statement from Capt. Jeremy Muraski.

Police say the vulnerability was a known issue and a security patch had not been installed and updated.

“This incident demonstrates how vital it is to maintain public facing computer systems with the latest security patches from the server companies as cyber actors will attempt to use exploits as long as they are finding vulnerable systems,” reads the statement from Capt. Muraski.

The post Local #company's #system #hacked; employee #info #stolen appeared first on National Cyber Security .

View full post on National Cyber Security

Local #cyber-security #firm warns #voters of #clickbait links ahead of #GE14

A local cyber-security firm have warned voters to be prepared for a rise in clickbait phishing links that could potentially be a cybersecurity threat in the upcoming 14th General Election (GE14).

Quann Malaysia general manager, Ivan Wen, said in a statement that the internet could see a rise in clickbait phishing sites or emails with attachments and sensational titles that trick users to click links for “Exclusive” or “Shocking” stories.

“When a news sounds too good to be true, it is likely fake news,” he said.

Phishing sites are used to trick victims into giving their personal data such as email addresses, identity card numbers, and even credit card information.

These phishing emails can also launch ransomware attacks that encrypt important information on the device.

In a worst-case scenario, this can become a national threat, the firm said.

“Besides that, these phishing links could automatically be shared with your contacts once they have access to your device,” Wen said.

According to a report by Dynamic Business Technologies, 48 per cent of IT providers reported that phishing emails were behind ransomware attacks.

Quann cites two country elections where clickbait links resulted in cyber security threats.

In the 2016 US Elections, a phishing campaign by Russian Intelligence Agency was allegedly launched against a US company involved in developing election systems. Fake Google alert emails were sent to employees which when clicked took them to a legitimate looking Google site where hackers were able to steal their data.

Using information obtained in the attack, the hackers sent 122 phishing emails containing Microsoft Word document attachments to local government agencies offering ‘election related products and services’.

These documents had been ‘trojanised’ with a Visual Basic script that once connected to the internet, downloaded an unknown payload to the device, to steal and access the victim’s information, the company said.

Wen said in UK last year, several parliament MPs were targeted in a phishing campaign. While the report said parliament sites and addresses were not compromised, several individual’s personal emails were being compromised with key information leaks.

To prevent being infected by malware via clickbait links, the company advised users to take the following precautions:

• Key in the address of a legitimate news site instead of directly clicking links sent to you

• Before clicking, hover your mouse pointer over the link to view the link address. Do not click website links that are unfamiliar, even if they came from someone you know. Their accounts could have been compromised.

• Install an Anti-Phishing Toolbar and Antivirus that run quick checks on sites you visit to ensure they are safe to visit.

• Only access secure sites that begin with “https” with a closed lock icon near the address bar.

• Regularly monitor your online accounts to ensure they have not been hacked. Use strong passwords and regularly change them.

• Regularly update your browsers with the necessary security patches.

• Beware of pop-up windows masquadering as legitimate extensions of a website as they are often used to target users visiting a website that has been compromised.


The post Local #cyber-security #firm warns #voters of #clickbait links ahead of #GE14 appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Engagement, #accessibility, #cybersecurity top #local government #priorities

If you asked a ballroom full of government leaders what keeps them up at night, what do you think they would say? According to our latest “What’s Next in Digital Communications for Local Government” survey results, expanding citizen engagement, increasing digital accessibility and minimizing cybersecurity risks top their to-do lists.

Nearly 370 municipal and county government officials across North America participated in the December 2017 survey to assess the current state of digital communications in local government and project future trends.

Topping the list of priorities for 2018 is citizen engagement, with two-thirds of survey respondents planning to invest in technology to increase digital connections with their customers. It’s the second year in a row that “expand citizen engagement” was cited as the top priority for the next 12 months.

Moreover, 80 percent of the local leaders said they plan to invest in social media tools this year. As one survey participant noted, “social media is one of the biggest channels where citizen engagement happens.”

At a time when social media consumption is at an all-time high, it’s not surprising that local government leaders are realizing the impact digital engagement can have in creating positive relationships with citizens and improving customer experience.

Read More….


The post Engagement, #accessibility, #cybersecurity top #local government #priorities appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Four ways #state and local CIOs can boost #cybersecurity

Source: National Cyber Security – Produced By Gregory Evans

Looking back at the hundred-plus FBI cyber investigations and victim notifications I’ve worked over the past decade, without a doubt, the most concerning and most difficult ones centered around local and state governments.

States and cities face a tall order: protecting critical data and infrastructure. They’re expected to conduct an investigation, and remediate and prevent future attacks, all with under-staffed or non-existent cybersecurity teams, limited incident response capacity, and a lack of reliable technology.

Working closely with CIOs in cities like Los Angeles and states like Colorado has given me perspective on what is working and where we should be devoting our energy. Here are the top four observations — and solutions — for helping city and state CIOs resolve their cybersecurity challenges.

1. Get the basics right, then tackle IoT

I get it. IoT is important. IoT is scary. But we are still not doing the basics on the workstations and servers that run those IoT devices. Many jurisdictions, for instance, do not yet have a complete and accurate inventory of every asset on their network. And the easiest way to breach a network will always be through the one unpatched piece of software the organization doesn’t know about — not the smart streetlight (yet). This is not to say states and cities should halt all IoT efforts. Rather, they should prioritize their time and investments in getting essential cyber hygiene efforts done first.

Action item: Have your security team run a vulnerability scan and compare the endpoints found with your IT team’s most recent patch report. If the reports are identical, compliment both teams; if they’re not, check both teams’ tools. One of them is broken.

2. Break down organizational silos

IT operations in state and city government are often run by the various agencies within the government, rather than being centralized under the state’s or city’s CIO. This leads to shadow IT, with a wide range of servers, software, and hardware spread across the state and city, and no standardized way to measure their risk level or even know when systems need to be updated. IT administrators cannot share best practices, causing further inefficiencies. What’s worse than shadow IT? Shadow security — rogue systems with no security features turned on. Fortunately, some states and cities have made significant efforts toward consolidating and federating their IT, and the broader trend is toward consolidation, as NASCIO reported in its survey of state CIOs.

Action item: Identify the agency or department with the least number of cybersecurity resources and consolidate those first. Don’t boil the ocean by starting at the agency with the most crown jewels.

3. Reduce the number of tools

Because technology management is so spread out across agencies, states and cities tend to have dozens of tools for managing their IT and security. I once responded to an incident at a state government that had more than a dozen different tools for asset inventory and patching alone. If you have a dozen tools, you need people with expertise in each piece of software, and you have to commit valuable time and money to train those people. When a mistake gets made and leads to an incident, IT staffers have to bring in outside help, because no one internally has expertise in all the tools, which is required to conduct a proper response. States and cities can significantly reduce their risk, and improve efficiency, by consolidating IT operations and security tools. Shared tools also are better for states’ budgets, because procurement officials can negotiate state-wide prices.

Action item: Track the top 10 agencies in your state or city by number of employees and count the number of IT and security tools being used across all 10 networks. Start thinking about how many tools overlap and which ones can be decommissioned.

4. Create dedicated security roles

The cybersecurity workforce gap is an oft-discussed issue, but it’s especially prevalent in local governments and even some state agencies. Too often, IT professionals are tasked with taking on security roles, too, or their positions are only part time. In both cases, not enough attention is being paid to security. IT teams need to get creative in solving their workforce issues. Try forming tiger teams made up of diverse experts from across agencies to evaluate your state holistically and solve discrete IT and security problems. Consider leveraging existing resources, such as your state’s National Guard. Explore ways to partner with local universities to get young people interested in government and cybersecurity. By far, the most interesting cyber cases I’ve investigated happened only because I worked for the government. It is why NSA, not Silicon Valley, is able to hire the best mathematicians — they recruit early and often.

Action item: Sponsor a capture-the-flag hacker tournament at a state college and offer the top three winners summer internships at your agency.

Many of these challenges and solutions are connected. Reducing the number of tools not only helps with security, it also addresses your workforce issues by freeing up the time and money you were formerly spending on a plethora of tools and training.

States and cities are clearly placing an increased emphasis on improving IT management and security, as was made clear when 38 governors signed the National Governors Association’s cybersecurity compact this summer. Now it’s time to tackle the tough issues.

The post Four ways #state and local CIOs can boost #cybersecurity appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures