The Biggest Spy on the Internet – Part 1

Spying, intelligence gathering, surveillance, reconnaissance, eavesdropping, tracking – the Internet has made these activities much easier than they used to be.  The NSA, CIA, Russia’s Fancy Bear, China, North Korea – which organization is gathering more information about more people than probably any other.  While your information is unlikely (hopefully) to be in the NSA, CIA, or other governmental databases, a lot of information about you and me are certainly in ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Serious D-Link router security flaws may never be patched

Six routers with serious security flaws are considered end of life (EOL) and may never be updated.  The D-Link models affected are the DWR-116, DWR-140L, DWR-512, DWR-640L, DWR-712, DWR-912, DWR-921, and DWR-111, six of which date from 2013, with the DIR-640L first appearing in 2012 and the DWR-111 in ...

Continue Reading →
0

Solving Problems with Multi-Factor Authentication

In our last post we looked at several problems you might encounter using two-factor or multi-factor authentication.  If you have two-factor authentication, or are thinking about using it, there are some additional steps you should take in case you lose your second factor and have to re-establish access.

  • How do I recover my account?  Learn this in advance of actual need.  Dig into your ...
Continue Reading →
0

Problems with Multi-factor Authentication

I am admittedly a huge proponent of two-factor and multi-factor authentication.  For me, TFA, 2FA, and MFA have allowed the password some badly needed extended life as a secure authentication method.  With multi-factor authentication, losing your password to an attacker is not enough for them to gain access to and compromise a system, resource, or account.

Multi-factor authentication requires a user to log into ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Symantec SSL Certificates No Longer Secure

If you have a Symantec certificate on your HTTPS website, Chrome 70 and Firefox 63 will both be disowning any web certificates signed by Symantec.  From this month forward, anyone with Chrome or Firefox who browses to a web page “secured” with a Symantec certificate will see an unequivocal warning insisting that ...

Continue Reading →
0

The Must Have Characteristics of a Cybersecurity Pro

So you think you want to be a cybersecurity professional?  Or maybe you know (or are) a middle school (that’s right, start ’em young),  high school, or college student who is looking at cybersec as a career path.  What personality characteristics would you need to be successful?  What drives, motivates, and challenges a cybersecurity professional?  Just what kind of wingnut are ...

Continue Reading →
0

Problems with Password Manager Phone Apps

If you use a password manager app on your smartphone, it may be vulnerable to package name spoofing, which would allow the password manager’s autofill feature to enter your login credentials on a spoofed web form.  This vulnerability applies to popular apps from LastPass, Dashlane, Keeper, and 1Password.

I have been an advocate for password managers.  They are part of the solution to creating ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


National Cybersecurity Awareness Month: Cybersecurity at Home

10/02/2018 06:32 AM EDT  Original release date: October 02, 2018

October is National Cybersecurity Awareness Month (NCSAM), an annual campaign to raise awareness about cybersecurity. The National Cyber Security Alliance (NCSA) has published general tips to help ...

Continue Reading →
0

What Might A Future Cyber-War Look Like?

We have entered the age of cyber war.   Believe it or not, cyber war operations are going on right now in many places across the globe.  Most of these operations are covert, and often hard to attribute directly to a particular nation-state or adversary.

Marc Cancian has written a gripping report titled Coping with Surprise in Great Power Conflicts.  It ...

Continue Reading →
0
Page 2 of 62 12345...»