January 29, 2019
US Gov issues emergency directive after wave of domain hijacking attacks
The US Department of Homeland Security (DHS) has issued an emergency directive tightening DNS security after a recent wave of domain hijacking attacks targeting government websites.
Under the directive, which appeared a week after a US-CERT warning on the same topic, admins looking after US.gov domains have until 5 February to do all of the following or explain why they can’t:

  • Verify that all important domains are resolving to the correct IP address and haven’t been tampered with.
  • Change passwords on all accounts used to manage domain records.
  • Turn on multi-factor authentication to protect admin accounts.
  • Monitor Certificates Transparency (CT) logs for newly issued TLS certificates that might have been issued by a malicious actor.
  • The warning mentions domain hijacking campaigns publicized by security companies in November 2018 and January 2019, only one of which alluded to targets that might include US government sites. Read more
What is Domain Hijacking?
Wikipedia defines Domain Hijacking as the act of changing the registration of a domain name without the permission of its original registrant, or by abuse of privileges on domain hosting and registrar(s) software systems.

This can be devastating to the original domain name holder, not only financially as they may have either derived commercial income from a Website hosted at the domain or conducted business through that domain's Email accounts,[1] but also in terms of readership and/or audience for non-profit or artistic Web addresses. After a successful hijacking, the hijacker can use the domain name to facilitate other illegal activity such as phishing, where a Website is replaced by an identical Website that records private information such as log-in passwords, Spam, or even distribution of malware, causing additional damage to third-parties to the wrongful loss and wrongful gain of the domain.
Want to be on the frontline to prevent domain hijacking and help with cyber security? Check out our schedule and get certified with Intellectual Point!
Join us for our Digital Natives Meetup TONIGHT!
Hands-On Advanced Cyber Threat Protection Demo with FireEye
January 29th at 6pm
University Of North America

RSVP and join us tonight for your chance to win a Google mini!

Want to be a Meetup Speaker? We would love to hear from you!
How to Stay Safe Online WITHOUT an Internet Connection
Tech Quickie explains what to do when you get an email that someone has gotten into one of your accounts. Be sure to set up two-factor Authentication. Watch this video to learn the breakdown of how the codes are generated.
We are so proud to say "Congrats" to the following people who have passed their exams...
  • Miriam Vincent - CEH
  • James Archie - CEH
  • Sabrina Walker - MOS
  • Sarah Raynes - MOS
  • Amjata Jalloh - CEH
Upcoming Classes
The Federal IT Market Grew by 10 Percent in Fiscal 2018
The U.S. federal government spent an all-time high of $64.7 billion on information technology contracts in fiscal 2018, a 9.5 percent increase from fiscal 2017 levels, according to Bloomberg Government’s analysis.

The Defense Department’s IT contract spending grew by more than 12 percent to $33.8 billion in fiscal 2018, while total IT contract spending by civilian agencies rose to $30.8 billion, a 6.6 percent increase. These figures underscore just how central IT and IT contractors are to modern government operations.

Here is a breakdown of the stats:
  • Technology Services - rose by 10 percent to $47.4 billion
  • Cybersecurity - increased by about 6.7 percent to $6.4 billion
  • Digital Services - rose from $3.6 billion to $4.2 billion, a 17 percent increase government wide
  • Software Engineering and Agile Development - 7 percent increase
  • Data Analytics and Business Intelligence - 24 percent growth government wide
  • Artificial Intelligence - rose from $340 million to $592 million

Learn more about our classes so you can take advantage of all Federal IT growth!

What certification do you need?
Certified Network Defender (CND)
Certified Information Systems Auditor (CISA)
Certified Information Systems Auditor (CISA)
Certified Chief Information Security Officer (CCISO)
Comptuer Hacking Forensic Investigator (CHFI)
How to disable FaceTime as Apple prepares fix for major privacy bug
On Monday, Apple acknowledged a bug with its video-calling app where users can eavesdrop on your conversations even if you don't answer the call.