Steganography is the interesting but potentially dangerous technique of hiding data or malware code secretly within an ordinary, non-secret file or message to avoid detection. The use of steganography can be combined with encryption as an extra step for hiding or protecting data. Steganography can be used to conceal almost any type of digital content, including text, image, video, or audio content; the data to be hidden can be hidden inside almost any other type of digital content.
The popular musician Grimes sold animations she made with her brother Mac on a website called ‘Nifty Gateway’. Some were one-of-a-kind, while others were limited editions, all were bought in 20 minutes generating revenues of over $6 million. Despite the steep price tags, anybody can watch or copy typical animations. However, this is no normal animation. It comes with a scarcity similar to a physical painting in an art gallery. Classic supply and demand has been turned on its head with these new digital certificates, also know as NFT’s or Non-fungible tokens.
The US Treasury Department’s Office of Foreign Assets Control (OFAC) warned organizations on 10/1/2020 that making ransomware payments is now illegal. These payments violate US economic sanctions banning the support of terrorists, cybercriminal groups, and state-sponsored hackers. The edict limits how ransomware victims, insurers, and incident responders can recover from these incidents. If they pay the ransom, they may get fined by OFAC. If they don’t pay the ransom and critical data is released online, they may get fined (HIPAA, PCI, privileged legal documents) for breaching confidentiality.
Apple’s tracking-optional iOS 14.5 update provides privacy-preserving features, giving users the ability to opt-out of being followed around the Internet via “trackers” in their apps. iOS 14.5 redirects all website checks through its own proxy servers allowing Apple to block suspicious requests. Apple’s released this as a part of their strategy to protect user privacy and prevent leaking IP addresses to Google and Facebook. Facebook makes 98% of its revenue from advertising. An unknown portion of that advertising revenue will be impacted by these changes in Apple’s privacy initiative.
The Federal Trade Commission (FTC) issued a warning about ‘Romance Scams’. Catfishing is an increasingly common technique used on social media and dating sites to attack victims through fake personalities, attractive pictures, and accounts. Romance Scams or catfishing play on people’s emotions, most often for fraudulent financial gain or identity theft. Catfishing exploits users that are willing to ignore warning signs that an online friend or acquaintance may not be who they claim to be.
Clearview AI has created one of the broadest and most powerful facial recognition databases in the world. Their application allows a user (law enforcement we hope) to upload a photo of an individual into the application. Once the photo is analyzed within the app, it shows the requestor all the public photos of that same individual found in their database of more than 3 billion images; along with links to where those images may rest online (often in social media sites but many other places as well). The application has been used by more than 600 law enforcement agencies since 2019, to help solve shoplifting, identity theft, credit card fraud, murder, and even child sexual exploitation cases. Canada recently ruled that this technology encroached on citizen privacy rights and deemed it illegal for all uses.
Cybrary Term of the Month
Non-Fungible Tokens (NFTs) are unique, easily verifiable digital assets that can represent items such as GIFs, images, videos, music albums, and more. Anything that exists online can be purchased as an NFT, theoretically. An NFT is a type of cryptographic token and not interchangeable. This means that each one of these ‘tokens’ is unique, nobody can have the same one as you. In cryptocurrency, you have the ability to pay for products or services, where NFTs you can only trade ‘token for token’. An easy way to understand NFTs is through trading cards, you can trade them with people, but a Babe Ruth baseball card is different from a Nolan Ryan card. In bitcoin and other currencies, that currency is identical throughout the world.
CyberHoot provides password-less access. Zero time wasted searching for websites, resetting passwords, and delayed login. Click an email link for instant training access!
Everything you need to learn cybersecurity skills is handled through email including training assignments, reminders, management compliance reports, and "My CyberHoot".
CyberHoot automates non-compliance through manager email notifications. Compliance status of employees for managers is enabled so you always know where you stand.
Cyber"Hoots" are most often 5 minutes or less. This ensures your staff get trained quickly with the most effective solution.
The Power of Open
CyberHoot is an open cybersecurity training Platform. Any video or PDF can be used to train and govern your employees.
In a survey of 100 CyberHoot users, 60% would be "Disappointed" or "Very Disappointed" if CyberHoot Training was stopped.