Weekly Cyber AAG

7 Ways to Protect Against Cryptomining Attacks 
Comment: Cryptocurrency mining, the process by which new cryptocurrency is generated, requires significant computing power that, in some cases, can cost the miner more in time, electricity, and equipment than the cryptocurrency itself is worth. To circumvent this resource-intensive process, profit-motivated actors have developed methods to hijack computing power from a large number of victims by infecting their mobile phones, IoT devices, computers, and servers with malware designed to conduct this type of mining activity. Over the past several months, cryptocurrency-mining malware has been delivered to victims via drive-by mining campaigns, malicious Android and MacOS applications, browser extensions and add-ons, and powerful botnets. We encourage all system users and administrators take the steps outlined in the article to protect themselves from this and similar threats. 

8 Security Spring Cleaning Tips for the Home Office
Comment: This year, expand your spring cleaning efforts beyond vacuuming and reorganizing your closet. Now is the perfect time to take inventory of your home network – including computers, routers, and other internet-connected devices – and make sure they are all patched, secured, and up-to-date with the latest software and firmware. It is also a good time to get rid of those old, bad cybersecurity habits and replace them with new ones that will do a better job of keeping your data and devices safe. This article highlights eight simple steps you can take now to improve your cybersecurity posture both at home and at work.

Here’s a Long List of Data Broker Sites and How to Opt-Out of Them
Comment: As people become increasingly concerned with the amount of personal information being collected, shared, and sold by various websites, social media platforms, and data brokers, more emphasis is now being placed on opting-out of data-collection services when possible. Motherboard has compiled a list of websites and services that participate in this type of data collection along with links that provide instructions on how to opt-out or request the deletion of personal information from their databases. We encourage all users to request the removal of their information from as many of these websites as possible to reduce the risk of that information being accessed by malicious actors and used to craft convincing social engineering campaigns.