EMV Cards Due October – It’s About Time!

EMVcardEMV or “chip and PIN” cards have a much higher level of security built right into the card, and have been in common use in Europe for over a decade.  For some reason (too expensive to implement?  Really?) the United States has continued to use the horribly insecure magnetic stripe credit card, which is why exploits like the Target Christmas card breach are even possible.

On October 1st, the United States will FINALLY join ...

Continue Reading →
0

Tor Story 2

This is the second of a three-part series of articles about TOR.  On Monday we took a look at the surprising origins of the TOR network.  Today we will be taking a look at how TOR works.

HOW TOR WORKS

To use TOR, a person just needs to go to The TOR Project , and download an install the TOR web browser. Then it makes sense to read the TOR warning document. The rules include:

  • Use the TOR browser
  • Don’t torrent ...
Continue Reading →
0

Tor Story 1

TORlogoTOR or The Onion Router is one of the greatest anonymizer services available on the Internet, and allows anyone to use the Internet without revealing their source IP address, and through that, their location. Yet as recently as last November, when the FBI took down the Silk Road server and arrested its operator , and Interpol followed up with the seizure of 400 Dark Web marketplace sites and the arrest of ...

Continue Reading →
0

WordPress Site Owners – Update Now

WordPresslogoJust a quick note to my WordPress pals – the latest update, WordPress 4.2.3, has an import fix for a cross site scripting (XSS) vulnerability that leaves your site vulnerable to attack.  According to Sophos:

“The flaw allows WordPress users who have Contributor or Author roles to add javascript to a site (something normally reserved for Editors and Administrators) using specially crafted shortcodes.

Attackers ...

Continue Reading →
0

Using LastPass

lp-956I recently accepted the position of Secretary in the Twins Cities chapter of the International Information Systems Security Certification Consortium (ISC)2-TC, and in order to send me the passwords for certain online chapter assets, it was requested that I sigh up for the password management product, LastPass.  I have written previously about LastPass, KeePass, and RoboForm as recently as June 16. ...

Continue Reading →
0

PC Trial-ware Is a Security Risk

So you bought yourself a new computer.  It has everything, a touch screen, built in WiFi and Bluetooth, anything you could want.  And a whole bunch of stuff you didn’t want, in the form of pre-installed software programs, trial-ware, and other bloat-ware and crap-ware that causes an unrelenting stream of pop-ups asking you to purchase and activate these mostly worthless programs.

crapware2

As ...

Continue Reading →
0

How Secure Is Your Accountant’s Network?

This is the year that false tax return filing really made the news in a big way.  First, there was the exfiltration of return data from the IRS Get Transcript website, where many American taxpayers lost personally identifying information.  Now there is news of an attack by a Bulgarian cyber-criminal against the networks of four unidentified accounting firms, and the theft of the tax and personal information of around 1000 clients.  This crook has been extradited ...

Continue Reading →
0

Backup For Your WordPress Site

WordPresslogoOne of the most important and easily implemented security protections is data backup.  That’s right, backup is a part of a well crafted security program.  Because whatever the disaster, whether cyber-attack, theft, data corruption, hardware failure, fire, flood, or bad weather, having a good backup program means that you can recover from disaster and continue operations.

And one of the most important things to ...

Continue Reading →
0
Page 49 of 54 «...2030404748495051...»