User education is first line of defense against ransomware

Ransomware has yet again reared its ugly head and despite various security websites issuing warning notices, people are still falling foul of it. 

Ransomware is, in essence, a method of extorting money from an unsuspecting individual or organization, most frequently by denying them access to their files through encryption of their data or hard drive.

One ransomware attack vector is via phishing or spam emails as the unsuspecting individual may inadvertently open an attachment or follow what they perceive to be a bona fide web link.  The act of clicking on the suspicious attachment or web link results in the initiating of a malware download, which then encrypts the user’s files or hard drive. Once completed, this then requires the user to pay.

Payment is often demanded in Bitcoin to unlock an organization’s files or hard drive. It has been widely reported by victims that despite paying this “ransom”, they have still been unable to access the encrypted files or hard drive. So it is clear that prevention is better than cure when dealing with ransomware.

Depending on the type and version of ransomware that has been installed, there is a possibility that the user’s files or hard drive have not actually been encrypted, but a small piece of software has been installed that gives the impression that encryption has taken place.

This relies heavily on the emotional response of the victim and the fear that they could be compromised; such a fear is enough to prompt a response and, potentially, payment.

It is impossible to tell from the ‘splash screen’ that appears whether or not it is a genuine ransomware payload and only an attempt to use or recover the user’s files will clarify this.

Numerous strategies

There are numerous strategies for safeguarding against ransomware. The first, and by far the most effective, is user awareness and education, because ransomware does not install itself. For the malware to be downloaded successfully, it needs some form of user interaction, whether via phishing emails or by fraudulent websites that serve up ‘drive-by’ malware.

Ensure that all your staff, including management, recognize phishing and spam and so do not open suspicious emails or follow links to other websites unless they can be sure they are bona fide links. All users should also be cautious or even suspicious of attachments, pictures or graphics received unexpectedly from known persons, because the sender’s email account may have been compromised.

If in doubt, do not open any email without first confirming its origin by contacting the sender. It is also recommended to switch off any email preview window within a mail program because this may trigger the ransomware download.

Also, spear phishing might be used for a targeted ransomware attack on a specific user. This might make the malicious email hard to spot.

Scan all attachments

Secondly, ensure that any antivirus email program or software is up to date and scheduled to scan all email traffic to identify spam emails or emails that may contain known threats. This software should also be configured to scan all attachments or pictures embedded within emails or instant messaging attachments.

Thirdly, all hardware and software should be correctly patched and updated to the latest version to ensure that all known weaknesses or vulnerabilities have been addressed by the relevant supplier.

Finally, a good back-up regime is essential in this ever-changing virtual and internet-based environment. Remember, it is not sufficient just to make backups because they need to be tested to ensure they actually work.

In the event of your system being infected with ransomware, don’t give up hope or pay any ransom. There are various products available that can help to recover your files.

It is imperative that organizations take the threat of ransomware seriously. Once infected, the inability to access files or systems may affect other services offered by the organization. An organization’s ability to recover quickly from any ransomware infection will be greatly enhanced by having effective business continuity mechanisms available and free from infection.

 

via:  computerweekly


Save pagePDF pageEmail pagePrint page

This Ransomware Malware Could Poison Your Water Supply If Not Paid

Ransomware has been around for a few years, but in last two years, it has become an albatross around everyone’s neck, targeting businesses, hospitals, financial institutions and personal computers worldwide and extorting millions of dollars.


Ransomware is a type of malware that infects computers and encrypts their content with strong encryption algorithms, and then demands a ransom to decrypt that data.

 
It turned out to be a noxious game of Hackers to get paid effortlessly.

Initially, ransomware used to target regular internet users, but in past few months, we have already seen the threat targeting enterprises, educational facilities, and hospitals, hotels, and other businesses.


And now, the threat has gone Worse!

This PoC Ransomware Could Poison Water Supply!

scada malware

Researchers at the Georgia Institute of Technology (GIT) have demonstrated the capability of ransomware to take down the critical infrastructure our cities need to operate, causing havoc among people.

 
GIT researchers created a proof-of-concept ransomware that, in a simulated environment, was able to gain control of a water treatment plant and threaten to shut off the entire water supply or poison the city’s water by increasing the amount of chlorine in it.

 
Dubbed LogicLocker, the ransomware, presented at the 2017 RSA Conference in San Francisco, allowed researchers to alter Programmable Logic Controllers (PLCs) — the tiny computers that control critical Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) infrastructure, like power plants or water treatment facilities.

 
This, in turn, gave them the ability to shut valves, control the amount of chlorine in the water, and display false readouts.


Sounds scary, Right?

 
Fortunately, this has not happened yet, but researchers say this is only a matter of time.

 

The simulated attack by researchers was created to highlight how attackers could disrupt vital services which cater to our critical needs, like water management utilities, energy providers, escalator controllers, HVAC (heating, ventilation and air conditioning) systems, and other mechanical systems.

Over 1500 PLC Systems Open To Ransomware Attack

LogicLocker targets three types of PLCs that are exposed online and infects them to reprogram the tiny computer with a new password, locking the legitimate owners out and demanding ransom while holding the utility hostage.

 
If the owners pay, they get their control over the PLC back. But if not, the hackers could malfunction water plant, or worse, dump life-threatening amounts of chlorine in water supplies that could potentially poison entire cities.

 
GIT researchers searched the internet for the two models of PLCs that they targeted during their experiment and found more than 1,500 PLCs that were exposed online.

“There are common misconceptions about what is connected to the internet,” says researcher David Formby. “Operators may believe their systems are air-gapped and that there’s no way to access the controllers, but these systems are often connected in some way.”

Targeting industrial control and SCADA systems is not new, cybercriminals and nation-state actors are doing this for years, with programs like Stuxnet, Flame, and Duqu, but ransomware will soon add a financial element to these type of cyber attacks.

 
Therefore, it is inevitable that money-motivated criminals will soon target critical infrastructure directly. Additionally, the nation-state actors could also hide their intentions under ransomware operators.

 
So, it is high time for industrial control systems and SCADA operators to start adopting standard security practices like changing the PLCs default passwords, limiting their connections by placing them behind a firewall, scanning their networks for potential threats, and install intrusion monitoring systems.

 

via:  thehackernews


Save pagePDF pageEmail pagePrint page

New MacOS Malware linked to Russian Hackers Can Steal Passwords & iPhone Backups

Security researchers have discovered a new Mac malware allegedly developed by APT28 Russian cyber espionage group who is believed to be responsible for 2016 presidential election hacking scandal.

 
A new variant of the X-Agent spyware is now targeting Apple macOS system that has previously been used in cyber attacks against Windows, iOS, Android, and Linux devices.
The malware is designed to steal web browser passwords, take screenshots of the display, detect system configurations, execute files and exfiltrate iPhone backups stored on the computer.

The X-Agent malware is tied to Russian hacking group known as APT28 — also known as Fancy Bear, Sofacy, Sednit, and Pawn Storm — that has been operating since at least 2007 and is allegedly linked to the Russian government.

“Our past analysis of samples known to be linked to APT28 group shows a number of similarities between the Sofacy/APT28/Sednit Xagent component for Windows/Linux and the Mac OS binary that currently forms the object of our investigation,” Bitdefender reported in a blog post published.

“For once, there is the presence of similar modules, such as FileSystem, KeyLogger, and RemoteShell, as well as a similar network module called HttpChanel.”

Like variants for other platforms, the Mac version of X-Agent spyware is also act as a backdoor with advanced cyber-espionage capabilities that can be customized depending on the objectives of an attack.

Moreover, X-Agent is being planted by exploiting a vulnerability in the MacKeeper software installed on the targeted computers and known malware dropper Komplex — a first-stage trojan that APT28 uses to infect machines.


Abovementioned evidence indicates that the newly discovered Mac version of X-Agent is also created by the same
Russian hacking group.

Once successfully installed, the backdoor checks for the presence of a debugger and if it finds one, it terminates itself to prevent execution. But if not, the backdoor waits for an Internet connection to communicate with the command-and-control servers.

“After the communication has been established, the payload starts the modules. Our preliminary analysis shows most of the C&C URLs impersonate Apple domains,” Bitdefender researchers said.

“Once connected to the C&C, the payload sends a HelloMessage, then spawns two communication threads running in infinite loops. The former uses POST requests to send information to the C&C, while the latter monitors GET requests for commands.”

The Research is still ongoing and Bitdefender security researchers right now only have the Mac malware sample and not a full picture of how an attack works.

 
APT28 is one of the two Russian-linked cyber-espionage groups that have been accused of hacking into the U.S. Democratic National Committee’s email server last year and interfering with the 2016 presidential election.


You can read BitDefender’s previous analysis on the APT28 hacking group here [
PDF].

 

via:  thehackernews


Save pagePDF pageEmail pagePrint page

Hackers Can Intercept Data From Popular iOS Apps

Dozens of popular iOS applications are affected by vulnerabilities that allow man-in-the-middle (MitM) attackers to silently intercept data from connections that should be protected by TLS, a study has found.

The developers of verify.ly, a service designed for finding security issues in iOS apps, analyzed applications in the Apple App Store and identified hundreds that are likely vulnerable to data interception. Experts have tested each of them on an iPhone running iOS 10 and confirmed that 76 had been vulnerable.

According to Will Strafach, iOS security expert and developer of verify.ly, the affected applications have been downloaded more than 18 million times. The vulnerability is considered high risk in the case of 19 of the 76 applications, as they expose financial or medical service credentials or session authentication tokens.

The medium risk category includes 24 iOS apps, which also expose login credentials and session authentication tokens. The names of the high and medium risk apps have not been disclosed in order to give vendors time to patch the flaws.

Researchers identified 33 low risk applications, which allow attackers to intercept only partially sensitive information, including analytics data, email addresses, and login credentials that would only be entered on a trusted network. The list includes banking, VPN, entertainment, news, stock trading, chat, and Snapchat-related apps.

“This sort of [MitM] attack can be conducted by any party within Wi-Fi range of your device while it is in use. This can be anywhere in public, or even within your home if an attacker can get within close range,” Strafach explained. “Such an attack can be conducted using either custom hardware, or a slighly modified mobile phone, depending on the required range and capabilities. The best similar and well-understood form of attack to this would be the ability to read data from credit cards at a close range.”

Applications are vulnerable to these types of attacks due to the way their developers implement network-related code, which means only the developers can properly address the issue. However, end-users can protect themselves against potential attacks by utilizing the affected applications only over a cellular data connection, which is much more difficult to intercept compared to Wi-Fi.

An automated analysis of Android apps conducted back in 2014 by CERT/CC showed that thousands of applications were vulnerable to MitM attacks, and many of them are still vulnerable today.

 

via:  securityweek


Save pagePDF pageEmail pagePrint page

Too many high-risk vulnerabilities leave CISOs scrabbling to patch

Too many critical flaws are given high priority, leading to a patch overload that CISOs cannot keep up with, according to F-Secure.

IT security company F-Secure has warned that there is too much hype surrounding zero-day vulnerabilities.

In its State of Cyber Security 2017 report, the anti-virus security company noted: “The website, CVEDetails.com, shows an average vulnerability score of 6.8 across all known vulnerabilities and on all known platforms.”

Of the more than 80,000 known vulnerabilities in the CVE database, 12,000 (around 15%) of them are classified as high-severity, said F-Secure.

F-Secure said high-severity vulnerabilities are generally considered the top priority. “They get handled in well-run organizations. High-severity vulnerabilities get a lot of visibility and, because of this, they’re patched on the spot.

“Your CISO is probably more worried about phishing and upstream attacks than internal network misconfigurations and unpatched internal systems. As an IT admin, taking care of infrastructure is your biggest concern.”

As such, applying every patch to every piece of software on every system on the corporate network, as the patch is released, is just not feasible. F-secure said admins rely on periodic patch cycles to fix low severity vulnerabilities, if they patch at all.

“Taking time out of their day to understand the implications of every newfound vulnerability out there is too much ask for most IT admins,” the report noted.

“In many cases, they simply don’t bother,” it said, adding that the challenge for CISOs is prioritizing what to patch first.

The company said most users are ill-prepared for a world where information on the internet is never forgotten.

The report stated: “People say they understand the internet, and maybe in a technical sense they do. But most users are in the dark when it comes to grasping the significance of technologies that log and track everything.

“Very few people fully comprehend the fact that their data isn’t going to disappear, so defenders need to protect it. That protection cannot depend completely on the idea that security plans – no matter how good they are – are foolproof.”

 

via:  computerweekly


Save pagePDF pageEmail pagePrint page

University attacked by its own vending machines, smart light bulbs & 5,000 IoT devices

A university, attacked by its own malware-laced soda machines and other botnet-controlled IoT devices, was locked out of 5,000 systems.

Today’s cautionary tale comes from Verizon’s sneak peek (pdf) of the 2017 Data Breach Digest scenario. It involves an unnamed university, seafood searches, and an IoT botnet; hackers used the university’s own vending machines and other IoT devices to attack the university’s network.

Since the university’s help desk had previously blown off student complaints about slow or inaccessible network connectivity, it was a mess by the time a senior member of the IT security team was notified. The incident is given from that team member’s perspective; he or she suspected something fishy after detecting a sudden big interest in seafood-related domains.

The “incident commander” noticed “the name servers, responsible for Domain Name Service (DNS) lookups, were producing high-volume alerts and showed an abnormal number of sub-domains related to seafood. As the servers struggled to keep up, legitimate lookups were being dropped—preventing access to the majority of the internet.” That explained the “slow network” issues, but not much else.

The university then contacted the Verizon RISK (Research, Investigations, Solutions and Knowledge) Team and handed over DNS and firewall logs. The RISK team discovered the university’s hijacked vending machines and 5,000 other IoT devices were making seafood-related DNS requests every 15 minutes.

The incident commander explained:

The firewall analysis identified over 5,000 discrete systems making hundreds of DNS lookups every 15 minutes. Of these, nearly all systems were found to be living on the segment of the network dedicated to our IoT infrastructure. With a massive campus to monitor and manage, everything from light bulbs to vending machines had been connected to the network for ease of management and improved efficiencies. While these IoT systems were supposed to be isolated from the rest of the network, it was clear that they were all configured to use DNS servers in a different subnet.

After reading the RISK Team’s report, the senior IT security team member said:

Of the thousands of domains requested, only 15 distinct IP addresses were returned. Four of these IP addresses and close to 100 of the domains appeared in recent indicator lists for an emergent IoT botnet. This botnet spread from device to device by brute forcing default and weak passwords. Once the password was known, the malware had full control of the device and would check in with command infrastructure for updates and change the device’s password—locking us out of the 5,000 systems.

At first, the incident commander thought the only way out of trouble was to replace all the IoT devices, such as “every soda machine and lamp post.” Yet the RISK Team’s report explained that “the botnet spread from device to device by brute forcing default and weak passwords,” so the university used a packet sniffer to intercept a clear-text malware password for a compromised IoT device.

With the packet capture device operational, it was only a matter of hours before we had a complete listing of new passwords assigned to devices. With these passwords, one of our developers was able to write a script, which allowed us to log in, update the password, and remove the infection across all devices at once.

Verizon’s sneak peek report includes mitigation and response tips, such as change default credentials on IoT devices. It also advises, “Don’t keep all your eggs in one basket, create separate network zones for IoT systems and air-gap them from other critical networks where possible.”

 

via:  networkworld


Save pagePDF pageEmail pagePrint page

Ransomware threat continues to evolve, defense needs to catch up

With the rapid expansion of the ransomware threat landscape, defenders are scrambling to find ways to fight back. RSAC 2017 dedicated a full day for a ransomware seminar.

The ransomware threat is not strictly new, but the expansion of the threat over the past year is enough to get a full-day seminar at RSA Conference 2017, with over a dozen experts scheduled to examine the latest malicious-attack phenomenon.

Andrew Hay, CISO of DataGravity Inc., in Nashua, N.H., and host of the ransomware summit, opened the first panel of the seminar by asking for a show of hands of those who had been affected by ransomware; hands shot up throughout the large hall. Hay asked the two questions likely on everyone’s mind: “Just how big is ransomware, and should victims pay the ransom?”

Panelist Michael Duff, CISO at Stanford University, said “ransomware is nothing more than monetized malware,” adding that while money is behind the vast majority of cyberincidents, ransomware is not actually entirely bad when compared with other types of attack. “It’s very loud — you know almost immediately when you’re attacked, and you know what you need to do to recover.”

And panelist Gal Shpantzer, CEO at Security Outliers Inc., in Arlington, Va., said ransomware is much easier to monetize than any other type of malware. Ransomware shortens the attack lifecycle, Shpantzer said, adding that it’s a way to “lob a grenade into your LAN, and now you owe me some money.”

Ransomware threat is a business

When considering the moral question — whether or not victims should pay — virtually all speakers during the day echoed the same sentiment: Victims should do all they can to avoid paying ransoms, while at the same time being pragmatic about paying to get access to critical systems.

Panelist Neil Jenkins, director of the Enterprise Performance Management Office at the Department of Homeland Security, pointed out that “paying a ransom encourages the business model,” adding that every time a victim pays, “it’s a good thing for the criminals.”

“I will not moralize to you,” Shpantzer said about paying if there’s no other option, but at the same time, he pointed out that it’s not always so cut and dried. If there are backups available, but it will take some time to determine whether they are recoverable, Shpantzer suggested taking a two-pronged approach of testing the backups, while also opening a line of negotiation. “You can test them. And parallel to testing them, you can negotiate with your new ‘friends.'”

“You can actually negotiate; it’s like kidnapping,” Shpantzer said. “It cost them nothing” to attack, and “you can and should negotiate” to extend the payment deadline and to get the attacker to accept less. That way, if the backups are good, you don’t need to pay the attackers anything. And if the backups aren’t usable, at least you can get a better price.

Dmitri Alperovitch, CTO at CrowdStrike, based in Irvine, Calif., told SearchSecurity that the increased volume in ransomware threat attacks “is a proxy for the fact that there’s been a merging on the botnet underground marketplace.”

For many years, it’s been possible for hackers with a new piece of malware to go to botnet owners and do a “pay per install” to distribute their ransomware. Now, ransomware authors are able to deploy their own botnets and get immediate payoffs. “No need to get clicks — it’s just a guaranteed success.”

In a session titled, “What the Kidnapping & Ransom Economy Teaches Us About Ransomware,” Jeremiah Grossman, chief of security strategy at SentinelOne Inc., based in Palo Alto, Calif., explained how the rapid rise in ransomware attacks is fueling a parallel growth in cyberinsurance offerings — and that has the potential to protect everyone.

Grossman said “seven-figure” payments for ransomware threats have already been paid, though he had to withhold details for obvious reasons. “There’s going to be professional ransomware negotiators,” a new job description for the people who will help cyberinsurers deal with attacks in the future.

The insurers will soon be able to tell everyone what to do to avoid ransomware, and they “will soon have the best data in the world” about ransomware threats and defenses. “They have all the actuarial data,” Grossman said.

 

via: techtarget


Save pagePDF pageEmail pagePrint page

The technical support scam and how to avoid it

When talking about cybersecurity, we instantly think of viruses and malware. But advances in personal computer security have made it much harder for hackers to infect your PC through traditional channels like email.

As a result, they have developed new attack methods to get around your defenses using a range of techniques, on and off-line. One of the most used and also successful is the “Technical Support Scam” that combines social engineering and technology to empty a victim’s bank account.

What is the Technical Support Scam?

Social engineering relies on building trust with a victim, before tricking them into doing something that gets around their security defenses. In the case of the Support Scam, criminals telephone their victims pretending to be from a reputable business, like Microsoft or your security or telephone provider – a company name you recognize.

Posing as an engineer, the hacker informs their target that they have already fallen victim to criminals, and they must take urgent action to plug the security gap. The victim is asked to visit a webpage from their computer, and to download a remote control tool that will allow the engineer to access their system to perform “repair work”.

Once in control of the computer, the “engineer” may call up the computer’s event log and show a number of scary looking (but completely harmless) alerts. They will then suggest downloading further tools that allow them to fix these errors.

Unfortunately these tools are actually malware that will steal valuable information from the victim’s computer – particularly online banking details and passwords. The victim may feel that the engineer has done them a favor, but the reality is that they have invited the hacker to steal from them.

Avoiding the Technical Support Scam

There are several ways you can protect yourself from becoming a victim of this scam. These four tips will help keep you safe:

1. Use your common sense

Microsoft or Panda (for example) never ring customers to inform them of security problems. These companies may provide assistance by telephone, but they never call you first. In fact, unless you pay for a third party technical support service, no one should call you about problems with your computer or router.

No matter how urgent the issue sounds, anyone claiming to be calling about PC security problems is lying.

2.Protect your personal and sensitive information

Never give your account numbers or passwords to anyone over the phone or the Internet unless you are 100% sure who they are. If you are in any doubt at all, hang up. Keep in mind that fraudulent activities are profitable for the bad guys.


A good rule to follow for any incoming call: never hand over your credit card or bank details. Just don’t do it!

3. If you have a doubt: tell everyone about it

The Telephone Support Scam preys on people’s insecurity about their lack of tech knowledge. It is very easy to be a victim, and the best defense is sharing knowledge – telling other people about this scam, and what the criminals are doing. It is much easier to put the phone down if you know that the call is a scam.

You should also consider reporting the scam to the company being investigated. If you do, make sure you find the right details though.

4. Protect your PC in advance

Do not forget to use antivirus protection for all your devices. If your device is protected by an anti-malware toolkit, it will not be generating security errors online or anywhere else. So you know that someone claiming you have a problem is also lying.

If your computer does not have an up-to-date security toolkit installed, you must act now.

Most social engineering attacks can be avoided by taking a second to think through the implications of what you are being told. You must not allow yourself to be bullied into making what could be a very costly mistake.

For more useful tips and advice about staying safe online, please check out the Panda Security knowledge base.

 

via:  pandasecurity


Save pagePDF pageEmail pagePrint page

If You Use Autofill, You Might As Well Give Away Your Info For Free

The autofill feature that many browsers offer is a useful time-saving tool that saves you from having to manually fill out forms with the same information every time. Programs include all the necessary information without the user having to go from one field to another to write information that is often repeated in most forms. However, what at first seems to have nothing but upsides for workers and individuals, does in fact carry with it some security risks.

Autofill can be used by cybercriminals to perpetrate phishing attacks in order to collect user data through hidden fields. When the Internet user allows the browser to fill in the form information, it would also fill in a number of spaces that the screen does not display. In this way, when the individual sends the document, she would also be sending her personal information to cybercriminals without realizing it.

Finnish developer Viljami Kuosmanen has revealed how such attacks work with a practical demonstration. He created a form in which only the fields “name” and “email” can be seen, along with a “send” button. However, the source code of the web page harbors some hidden secrets from the user: there are six other fields (phone, organization, address, postal code, city and country), which the browser also automatically populates if the user has activated the autofill function.


The method is a simple strategy to get all sorts of personal information that, according to Kuosmanen tests, can be used in both Chrome and Safari. Other browsers like Opera also offer the autofill feature and Mozilla Firefox is currently working to implement it.

Fortunately for users, it is possible to disable this option in the program settings without too much difficulty. Browsers have it activated by default without asking permission first, so the only way to turn it off is by taking a moment to change the setting manually.

This is a serious threat to the security of personal and corporate information and is difficult to detect because, unlike other types of attacks, the user does not see any links or other types of samples that might lead her to suspect anything is amiss.

It is therefore advisable to disable the option in your browser, even though this means that you’ll be spending a little more time filling out those pesky forms.

 

via:  pandasecurity


Save pagePDF pageEmail pagePrint page

Yahoo Issues Another Warning in Fallout from Hacking Attacks

Yahoo is warning users of potentially malicious activity on their accounts between 2015 and 2016, the latest development in the internet company’s investigation of a mega-breach that exposed 1 billion users’ data several years ago.

Yahoo confirmed Wednesday that it was notifying users that their accounts had potentially been compromised but declined to say how many people were affected.

In a statement, Yahoo tied some of the potential compromises to what it has described as the “state-sponsored actor” responsible for the theft of private data from more than 1 billion user accounts in 2013 and 2014. The stolen data included email addresses, birth dates and answers to security questions.

The catastrophic breach raised questions about Yahoo’s security and destabilized the company’s deal to sell its email service, websites and mobile applications to Verizon Communications.

The malicious activity that was the subject of the user warnings revolved around the use of “forged cookies” — strings of data which are used across the web and can sometimes allow people to access online accounts without re-entering their passwords.

A warning message sent to Yahoo users Wednesday read: “Based on the ongoing investigation, we believe a forged cookie may have been used in 2015 or 2016 to access your account.” Some users posted the ones they received to Twitter.

“Within six people in our lab group, at least one other person has gotten this email,” Joshua Plotkin, a biology professor at the University of Pennsylvania, said. “That’s just anecdotal of course, but for two people in a group of six to have gotten it, I imagine it’s a considerable amount.”

Plotkin said in a telephone interview that he wasn’t concerned because he used his Yahoo email for messages that were “close to spam.” In the message he posted to Twitter , he joked that “hopefully the cookie was forged by a state known for such delicacies.”

 

via:  enterprise-security-today


Save pagePDF pageEmail pagePrint page