Critical Path Security guidelines for defending against the increasingly common SIM swap attack.

So what is a SIM swap attack?  A SIM swap attack is when a criminal tricks a customer service representative at a cellular service provider into reassigning the victim’s phone number to a phone that the criminal has.  After they successfully get the SIM swapped to their phone they are able to receive the text messages used as a second form of verification to reset passwords for many online services and apps.  Then they can login to your bank accounts, email and social media. Who should be concerned? Everyone.  Recently, Jack Dorsey the CEO of Twitter was a victim so it can happen to anyone! What can I do to protect myself? The first thing you should do is contact your service provider and add a PIN to your account, this is to prevent a criminal from masquerading as you and changing devices or even who can access your account. …

0 Comments

The Evolving Threat of The Mirai Botnet

The Mirai botnet that once only targeted home based IoT devices is now a threat to the enterprise. This new strain of the malware is targeting routers, IP cameras, and network storage devices. According to Palo Alto’s Unit 42 research, “This development indicates to us a potential shift to using Mirai to target enterprises.” The targeting of enterprise devices will allow Mirai to have larger bandwidth than it previously had before from consumer devices. This will enable it to launch more effective DDoS attacks, like the ones it became infamous for in 2016. The DDoS attacks in 2016 were so effective that at one point an estimated 25% of the Internet was disconnected and in another case the entire country of Liberia lost Internet connectivity. The original source code for Mirai was posted to GitHub and has been forked into new variants nearly 3,000 times. The evolving Mirai variants make…

0 Comments