Vulnerabilities Archives - Tech Prognosis Blog

Protect Your Business From Dangerous Cryptomining Activities

Why Small Organizations Should Be Worried About Illicit Cryptomining Activities

cryptomining activity

There is a scourge currently targeting small businesses and organizations and many are not even aware of it because it does not do anything sensational meant to cause harm. It does not install a virus, send phishing emails, or attempt to kidnap business data for ransom. That scourge is cryptocurrency mining, or simply cryptomining.

What is cryptocurrency?

Cryptocurrency is a form of digital currency that can be used in exchange for goods, services, and even real money, similar to other currencies. However, unlike other currencies, cryptocurrency operates independently of a central bank and uses encryption techniques and blockchain technology to secure and verify transactions.

To quote Malwarebytes, “Two words—“cryptography” and “currency”—combine to form “cryptocurrency,” which is electronic money, based on the principles of complex mathematical encryption. All cryptocurrencies exist as encrypted decentralized monetary units, freely transferable between network participants.” Or put more simply, cryptocurrency is electricity converted into lines of code, which have a real monetary value. (See a detailed article by Malwarebytes on this topic here).

While Cryptocurrency may be in its infancy, its popularity continues to increase, some would say, exponentially. You may have heard of terms like Bitcoin, Litecoin, Monero, Ethereum, Ripple etc. These are just a few types of the cryptocurrencies currently available. (more…)

Comments Off

November 7, 2019

Cloud Computing / Compliance / Enterprise Computing / Featured / Malware / Open Source / Security / Security Breach / Small Business / Vulnerabilities

Data Encryption Tools For The Mobile Business Executive

Infographic depicting various devices using data encryption.

Data encryption is not one of the security options most companies think of providing for their senior executives who use, and travel, with laptops, netbooks and tablets so they can stay productive even when on the road. This is even more true of corporate executives who sometimes demand anytime, anywhere access to data residing on corporate servers.

While the big corporations can afford to spend millions of dollars on data protection hardware and software., the same cannot be said of executives in small and medium-sized organizations, especially when it comes to loss of personal information, including credit card data, patient records or other financial information, stored by the company.

Data breaches happen and information is lost every day due to small mistakes that could have been avoided by using data encryption technologies. For small businesses, these data loss events can be devastating. (more…)

Comments Off

October 10, 2019

Enterprise Computing / Ethics / Featured / Security / Vulnerabilities / Web Technology

Why We Should Thank, Not Demonize LulzSec, Anon

So the 50-day cruise is over and the guys at LulzSec are going back underground. That should worry some of us because if they did not want us to know what they were doing, I don’t think any sane person would argue that they could not have done so.

While the media has been abuzz about the exploits of Anonymous and LulzSec, the bigger question we should be asking is, are any of their exploits new or did they just give us a wake up call that there is no security, at least in the way we normally define it. What they have demonstrated is that security is a term we use to make ourselves feel good. (more…)

Comments Off

June 26, 2011

Cloud Computing / Enterprise Computing / Ethics / Featured / Hardware / Security / Security Breach / Vulnerabilities

The RSA Breach: Time for Full Disclosure?

As more companies with national security interests come forward with admission of breaches related to the hacking of RSA’s SecurID technology, one wonders if it is time for RSA to break its stubborn refusal to tell the public what exactly was stolen or when the breach actually occurred. At this stage, it is not just enough to tell the public that it had been hit by a phishing email exploiting a zero-day vulnerability in Adobe Reader. (more…)

Comments Off

June 3, 2011

Cloud Computing / Email and Spam / Enterprise Computing / Ethics / Featured / Vulnerabilities / Web Technology

Is Facebook’s Login Approvals a Setback for Mobility?

“Today, we’re announcing our newest opt-in security feature that I’ve worked to build over the past few months: Login Approvals.”

With that, Facebook announced Login approvals, “…a Two Factor Authentication system that requires you to enter a code we send to your mobile phone via text message whenever you log into Facebook from a new or unrecognized computer.”

The idea behind the new feature is to help users combat unauthorized access or the now infamous “I have been hacked” incidents that have plagued users of the Social Network. The new feature, which is currently optional is expected to add a second layer of protection to users’ login process.

What exactly is it? Here is Facebook’s explanation of Login Approvals: (more…)

2 Comments

May 24, 2011

Enterprise Computing / Featured / Security / Storage / Vulnerabilities

Breaching the Bastille: When Security Vendors Get Hacked

The recent rash of exposures about successful attacks against information security vendors may come as no surprise to a lot of people in the information security world who probably see or hear about it frequently, but it will surely come as “shocking” to most “ordinary” folks.

HBGary, RSA, Comodo and Barracuda Networks are the latest of high-profile security vendors to be breached. As a quick refresher, EMC’s RSA group disclosed that someone had broken into its networks and obtained information that could compromise its SecurID products. (more…)

Comments Off

May 14, 2011