What is open-source software (OSS)? In the context of software development, open source refers to a set of code (a.k.a. software) that is open to the public to be seen, edited and/or shared[1]. This implies that when someone downloads and uses open-source software (OSS), the user trusts that it is reliable. One beauty of OSS …
Category Archives: CPSC 329/602 W22
Russia Arrests 14 REvil Members
On January 14, 2022, the Russian government said it had arrested 14 alleged cybercriminals working for a ransomware group called REvil, which has effectively crippled the group and any infrastructure it used[2]. The reason for arresting these criminals was a previous request from the US government for action against cybercriminals like REvil[1]. The Group …
Ransomware on the rise, how can you protect yourself?
What is Ransomware? “Ransomware is a form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption.” [1] What does this mean? Essentially, an attacker can lock you out of access to the majority of your …
Web 3
Inspired by Dylan’s tweets, I decided to look into my stored data on Google through google.com/takeout and found out how much information they have about me, which is indeed worrisome… In recent years, we have found big companies like Facebook and Google violate privacy by exploiting vast databases of users. As web users become more …
Zero-trust: Rebuilding the Broken Kingdom
Roman poet Juvenal once said, “Quis custodiet ipsos custodes?” which translates from Latin to “Who will watch the guards themselves?”[1] The model for cybersecurity is so archaic it almost dates to the medieval era. It might be absurd to hear, but many agree that it’s true. Currently, organizations have adopted a castle-like security approach …
FIFA Ultimate Team Phishing Attack, What Went Wrong?
On January 11th, 2021, EA confirmed that several high-profile accounts in FIFA Ultimate Team had been compromised after attackers targeted customer support, with several accounts worth in the range of one thousand dollars being completely drained of resources or given to anonymous individuals online. The Attack: Attackers targeted customer service representatives “Utilizing threats …
WordPress (Plugin) Vulnerabilities More Than Doubled in 2021 and 77% of Them Are Exploitable
Article: https://www.riskbasedsecurity.com/2022/01/11/wordpress-vulnerabilities-more-than-doubled-in-2021/ Depending on your knowledge of information security, your first reaction to the title may have been: (a) “Oh, that’s good to know”, (b) “What the heck does that mean?”, or (c) “Should I be panicking, especially since CPSC 329 is using WordPress?!?” Allow me to offer you context and a translation of the article! What are …
“They” have been “treating” us the way “they” think is correct. What should we do?
“They”, in the topic of this blog, means the governments or (and) the technology companies. When we feel so lucky to live in a world full of convenient high-tech products, we truly don’t know “they” are “stealing” our digital traces and deciding how to “treat” us based on these digital traces. As Rainey Reitman said, “Modern …
REvil Ransomware Gang Arrested in Russia
Last Friday, 14 members of a ransomware group known as REvil were arrested by Russian authorities at the request of the United States[1]. Of those arrested, one individual has been attributed as having been partially responsible for the Colonial Pipeline attack in May of 2021[2]. REvil as an organization has executed numerous cyberattacks since their …
Jan 17 Blog Post – Ransomware infected USBs
Last week, the Federal Bureau of Investigation warned government organizations and private businesses that ransomware-infested USB sticks have been shipped across the United States by a ransomware group called FIN7 (Vaas, 2022). Concerningly, FIN7 has masked its packages to appear authentic and to originate from Amazon and/or federal agencies. FIN7’s objective is to compromise the …