Madsqu1rrel’s “What in the (cyber) world is going on?” 10-17-16 edition


Samsung finally threw in the towel on the ill-fated Note 7, but not before Oculus made quite the statement by disabling the use of Note 7’s in the Gear VR headset they make for Samsung. It seems they don’t want it to blow up in someone’s face. Pretty wise move if you ask me. Oh, it’s also banned on US flights now, period. Samsung is offering folks $100 toward a new phone when they trade in the Note 7 for something less blow-upie. If you don’t trade for another Samsung device, you still get $25 for risking your life and sacrificing your humility. On a plus note, we got this awesome story out of the ordeal:

Archaeologist: “First Humans Used Primitive Samsungs To Start Fires”


The KnowBe4 Scam Of The Week is… drum roll please… “Insidious New IRS Social Engineering Attack”. This attack is a social engineering scam that will work to bilk you out of your hard-earned money by convincing you (or elderly people in your life) that you owe the IRS money. Read the article for more detail, but the short of it is, if you or a loved one gets an IRS CP 2000 form claiming the income reported on your tax return does not match the income reported by your employer, just can it. If that won’t let you sleep at night, call the IRS at 1-800-366-4484 to confirm (preferably from a pay phone in a neighboring county, just in case it’s true).

Another hot scam this week is: “Brad Pitt Found Dead (Suicide)”. This headline drew gasps from the ladies here when they heard it, so I guess it does tug at some heartstrings as intended. I must be dead inside, cuz I wouldn’t even bother to click on that headline. For the record, Mr. Pitt is NOT dead and Angelina appears to still be single, good news for both housewives who love Brad and those geeks who are reading this that are planning to emerge from their lairs (a.k.a. Mom’s basement) in an effort to woo Ms. Jolie. I hear even the “400lb hacker” is making plans. Good luck my friends!

I had already sent out some warnings, but it seems the US-CERT was listening to me as they published their own warning about Hurricane Matthew phishing scams. It’s not rocket science, folks: when something major like this happens, the scammers are going to leverage it for their gain. They will use it to get folks to click on links or open documents, all of which lead to bad things. If you want to donate or help, go to the website of a reputable organization or at least don’t do it via any contact information in an email. Go search the org and contact them that way.

Because! We! Just! Can’t! Get! Enough!, Yahoo! just got cheaper. Well, they think it is going to get cheaper by like a BILLION DOLLARS! Check your couch cushions folks, it’s ALMOST affordable. According to the WSJ, this may equate to a material adverse change (ya think!?) and Verizon is expected to smack Yahoo! about the head and shoulders (financially speaking) for not disclosing that little, um… oversight. “Oh, that half a billion (or more) records we lost?” Very likely this was a result of a phishing attack letting the bad guys into the network. Whoops.

CryPy is a new variant of ransomware that is designed to make life suck. While that is typical of other variants, this one is Python-based, stops services you might need to save your bacon (Registry Tools, Task Manager, CMD, and Run) and then encrypts your files. So, it’s not done yet. It encrypts each file with a unique key, then tells you it will start randomly killing off a file every 6 hours. After 96 hours it deletes the decryption key, effectively taking its ball and going home. It’s rumored to feed off Bitcoins and tears, one of which it will likely get either way. Still in its early stages, it’s not very prolific, but we want to keep an eye on this. Since C&C seems to be in Israel, Geo-blocking might help for now if you can do it.

Other News

There was a privacy breach at a Vancouver pot dispensary revealing medical info (and the fact that you use a dispensary). Dude… harsh man.

Have a great week and stay safe out there.

Erich’s “What in the (cyber) world is going on?” 10-10-16 edition


Samsung continues its full frontal attack on the masses. First it was Note 7’s spontaneously catching fire, then it was washing machines exploding. Now it’s the replacement Note 7’s continuing their reign of flaming terror across airports and homes across the country.

The Samsung “Smart Home” is turning into more of a Halloween Home of Horror. Keep an eye on those fridges y’all!


We saw some new ransomware activity last week. This stuff doesn’t necessarily encrypt the files, but renames them and demands a ransom to restore them. In addition, it spreads like a worm by infecting executable files. Not cool man, not cool. While it does seem to have a bit of an identity crisis (am I a worm? Am I ransomware? I have no idea!) it’s something to keep an eye on either way. More info:


Let’s just face it, if you have ever had a Yahoo! account, used a Yahoo! search engine, uttered the word Yahoo! or even heard of Yahoo!, you can assume you have been pwned. Just change all of your passwords, rename your pet and have your mom change her maiden name because nothing is safe anymore. 1 billion accounts… sheesh.

Imagine for a moment how this would impact us all if these sorts of things happened with authentication methods such as biometrics that you can’t change. Something to consider as we start going down that path. Who would you trust with that data?


There is a scam going around claiming to be from the IRS (shocking, right?) using a phony Form CP 2000 in emails, text messages, live calls and perhaps even snail mail, associating itself with the Affordable Care Act. Warn your folks and tell them they can call the IRS at 1-800-366-4484 to confirm if it’s legit.

Hot Topic Phishing

Remember that when something major happens in the news (debates, attacks, deaths, product launches, exploding “smart” devices, etc.) there is an inevitable phishing campaign soon to follow. Keep an eye open for these and warn your family and users. Don’t be a victim lest you be the subject of the next campaign.