BlueBorne Bluetooth Hijacker – What Do We Know?

Cybersecurity researchers at Armis Labs have released information about a new attack vector called BlueBorne.  This exploit has the potential to put millions of devices running Windows, Linux, Android or iOS operating systems at risk.

This exploit allows attackers to connect over the Bluetooth radio system with having to first pair the two Bluetooth enabled devices.  Once installed, the attacker has full control of ...

Continue Reading →
0

D-Link Does Bad Security Again

A security research found 10 “critical” security flaws in a popular D-Link wireless router.  This is not the first time that poor security has painted this company with the ugly stick.  They have previously been sued by the Federal Trade Commission, and we have reported about their deficiencies in this blog.

Security researcher Pierre Kim says the D-Link DIR-850L AC1200 Dual Band Gigabit Cloud router has 10 security vulnerabilities serious enough for him ...

Continue Reading →
0

An Interesting New Twist on WordPress Site Hijacking

This story reads like fiction.  OK, not great fiction, but this story illustrates another way that WordPress websites can be hijacked and used to promote a cyber scam.

WordPress websites are often hijacked so a phisher can host their landing page on a site that does not lead back to them.  And WordPress sites can be interesting targets for other cyber-criminals who export the ...

Continue Reading →
0

Bad Passwords Still Allowed

The Sophos Naked security blog ran an article in August that was a disappointing revelation about major online brands that allow ridiculously easy user passwords.  Just because a web site will permit you to use a bad password, doesn’t mean you should.  Our current recommendation is to use passwords of at least 15 characters, and couple that with two-factor authentication at every opportunity.

The password management program Dashlane performed an audit of 37 online brands and rated their ...

Continue Reading →
0

Don’t Miss It! I am a featured speaker next Tuesday at Joule Cram Day

NEW!

Joule U . CRAM DAY

Tuesday . September 26 2017

SIX 60 MINUTE CLASSES
Learn something new! Attend one, some or all.

My presentation, Shields Up for WordPress Websites and Blogs is from 2:30 to 3:30.

I know many of the other speakers and this looks like a terrific lineup.  Block out the day and get some valuable information you can ...

Continue Reading →
0

Biometrics Not Really Secure

Two-factor and multi-factor authentication are becoming more important and more available as we struggle to secure our information from attackers. These factors are something you know, something you have, and something you are.   Biometrics (something you are) are one of the three factors used in computer, network, and application authentication.

Biometrics include thumbprint or fingerprint readers, palm scanners, iris and retinal scanners, facial recognition, speech recognition, and even arcane systems that detect ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Talk Like A Pirate Day Coming on September 19

We will start with the good stuff for a change.  Talk Like A Pirate Day is my second favorite unofficial Holiday.  Check out the official website.  Check out the cool pirate swag and order yourself a pirate hoodie or tee shirt.

Arrrgh!


BlueBorne Bluetooth ...

Continue Reading →
0

WireX Turns Android Phones into DDoS Botnet

WireX is a new botnet that runs on hijacked and compromised Android phones.  A bot-net is a collection of compromised devices that can be coordinated by the hijacker to work together on a certain task.  It might be bit-coin mining, or password cracking, or other tasks that require a lot of processing power.  This bot-net, like last year’s Mirai and ...

Continue Reading →
0
Page 4 of 44 «...23456...»