Skip to content
What is CEO fraud? c/o KnowBe4.com
Irvine, CA - CEO fraud is a phishing scam in which cybercriminals spoof company email accounts
and impersonate executives to try and fool an employee in accounting or HR into executing unauthorized wire transfers, or sending out confidential tax information.
The FBI calls this type of scam "Business Email Compromise" and defines BEC as “a sophisticated scam targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. The scam is carried out by compromising legitimate business e-mail accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds.”
In the time period from January 2015 to June 2016, the FBI reported a 1300% rise in lossesfrom this type of fraud. Most victims are in the US (all 50 states), but companies in 100 other countries have also reported incidents. While the fraudulent transfers have been sent to 79 countries, most end up in China and Hong Kong. Unless the fraud is spotted within 24 hours, the chances of recovery are small.
Four Attack Methods
Understanding the different attack vectors for this type of crime is key when it comes to prevention. This is how the bad guys do it:
DFARS 252.204-7012 is going to define new winners and losers in defense contracting
Kevin McDonald has just published his latest article of DFARS (Defense Federal Acquisition Regulations Supplement) at SearchCompliance.TechTarget.com. If you fall into this category, a recently implemented rule from the Department of Defense called the Defense Federal Acquisition Regulation Supplement (DFARS) [...]
Aligning IT and compliance procedures increasingly a business priority
Kevin McDonald writes for TechTarget SearchCompliance on Aligning IT and compliance procedures increasingly a business priority. He says, "When I've asked IT pros about HIPAA Security Rule compliance within their organization, they've typically responded with, "That is the compliance officer's realm" [...]
DFARS pre-assessment questionnaire
Los Angeles, CA - Tonight I am reviewing our new DFARS Pre-Assessment Questionnaire that has just been updated for 2017. It is a very compact 30 questions in a four page document. It of course is not a full DFARS assessment, but it is step one of your process you must do before anything else on your DFARS compliance journey.
DFARS is the Defense Federal Acquisition Regulation Supplement. It is a supplement to the FAR that provides DoD-specific acquisition regulations that DoD government acquisition officials – and those contractors doing business with DoD – must follow in the procurement process for goods and services.
If you are an aerospace company, Department of Defense contractor or another type of organization that falls under....
IT solution providers speak out on the Silicon Valley/Trump Summit meeting
Irvine, CA - IT solution providers have never been a shy bunch. In this article by CRN - Solution Providers Cheer Trump Tech Summit, Hoping It Will Help Channel Partners Create More Jobs, many share their thoughts on where our president-elect [...]
Here is a list of available ransomware decryption tools
If you have just gotten ransomware, check out this new webpage with a list of new ransomware Decryption Tools. Not all ransomware can be decrypted, but if you find you have:
1. WildFire Decryptor
2. Chimera Decryptor
3. Teslacrypt Decryptor
4. Shade Decryptor
5. CoinVault Decryptor
6. Rannoh Decryptor
7. Rakhni Decryptor
Smoke testing is a term used to describe the testing process for servers after patches are applied. 
Estimating an average time for patching servers and PCs can be a bit tricky. It can vary from one month to the next, depending upon the number and complexity of the patches released by your software vendors. You must consider all versions of operating systems and have a complete inventory of all your application software to do this job correctly. Our experience has shown that manual patching of systems takes on average of about 1.5 hours each.
This is a basic cost calculator for you to compute your typical monthly cost for patching your servers, PCs, laptops, tablets and associated application software. It also forms the basis for you to begin calculating your Return on Investment for software patching, or for comparison with alternatives to the manual process of patching operating systems and application software—such as Patch Management as a Service, also known as Vulnerability Management as a Service.