Personal and Business Uses for Keyloggers.

Would you like to use a keylogger to spy on your spouse?  How about your kids?  Is it legal?  Can an employer use a keylogger to monitor employee computer activity in the workplace?

Usually, when I am discussing keyloggers, it is the kind of keylogger a cyber-criminal would use, and how to keep them off our computer.  Today we are looking at this from another angle.

A keylogger, if you don’t know, is ...

Continue Reading →
0

Cybersecurity Basics for Small Businesses

If you are a small business owner or manager, you have a target on your back.   You face a special set of risks from cyber-crime exploits.  Most often, you do not have the financial resources to afford a full time IT support employee.  You do not have the budget for expensive Intrusion Prevention Systems (IPS), or Security Information and Event Management (SIEM) systems.  You might not even have a firewall, or ...

Continue Reading →
0

Cybersecurity Basics

It’s April Fools Day, and in honor of those people who are still trading away safety for convenience when working with a computer or online, we have a short list of simple and basic security methods.  If you are someone who provides “tech support” for a family member or are the “go-to” unofficial tech support in a small business, this is a good place to start.

Behaviors

This is simple stuff, but important, ...

Continue Reading →
1

The NSA Releases Reverse Engineering Tool

Here’s a kick in the head.  Your tax dollars at work in a way that may save you a bunch of money.  The National Security Agency has voluntarily released a software reverse engineering tool called Ghidra at the RSA security conference.  The NSA has been using this tool internally to take apart and analyze malicious code, and to find vulnerabilities in commercial software ...

Continue Reading →
0

Docker Vulnerability Allows Crypto-Miner Access

If you are running a fleet of virtual machines using popular containerization solution Docker, you may be in for a nasty surprise.  A couple of vulnerabilities have been discovered in Docker that has been exploited by cyber-criminals to run the Monero crypto-currency miner on affected Docker containers.  This will of course have a serious impact on performance, and in an environment where billing is usage based, this will increase your costs.

Security ...

Continue Reading →
0

Most Common Malware of 2019 (So Far)

In 2015 and 2016 the winner was crypto-ransomware exploits.  In 2017 and 2018 the most common exploit was Business Email Compromise, aka Email Account Hijacking (BEC/EAC).  This is year is shaping up to be the year of the crypto-mining exploit.

Here are the crypto-mining malware programs that are the most prevalent:

  • AuthedMine – A variant of Coinhive, AuthedMine ios supposed to require an explicit opt-in ...
Continue Reading →
0

New WordPress Security Options

I have developed some expertise around the area of WordPress security.  One of my clients has a WordPress site under development, and recently the web designer changed the name of the login URL from https://clientsite.com/wp-admin to https://clientsite.com/A9u3ycGH37.  Basically, the wp-admin page name had been replaced with random characters.  I found out when I tried to log in using the usual URL.  I wondered ...

Continue Reading →
0

Computer and Networking Shortcuts Create Vulnerabilities

Most victims of cyber-crime created the vulnerabilities that allowed their computer, network, email account, website, or other service get hijacked.  In many cases, especially in the consumer or small business networking environments, they just don’t know what to do, or what to be looking for.  But even in business network environments where IT professionals have been in charge of operations, decisions ...

Continue Reading →
0

Stupid Politicians – Australia Edition

Thank God this hasn’t happened here in the United States (yet).  It is not for lack of trying by US law enforcement agencies, though.  What am I talking about?  Australia recently passed the controversial and totally STUPID anti-encryption law called Telecommunication & Other Legislation Amendment (Assistance & Access) Act of 2018 (TOLA).

TOLA is supposed to ...

Continue Reading →
1
Page 4 of 70 «...23456...»