Netgear Routers Will Need Firmware Update.

If you own a Netgear wireless router, take note: the R6200, R6250, R6400, R6700, R6900, R7000, R7100LG, R7300, R7900, R8000, D6220, and D6400 routers, and possibly other models, are vulnerable to arbitrary command injection.  This is a security bug that could allow a remote attacker to access your router.  This vulnerability was announced by US-CERT on December 9th, and reported in Naked Security on December 12th.

Vulnerabilities such as this one ...


Crystal Ball Gazing for 2017

This is the time of the year everyone writes either a year in review article, or a what’s coming in the new year post.  Guess which one this is?  I’ve been reading the pundits, and considering my own findings as a cybersecurity professional.  I pulled together the following list for your review, and to help you plan where to spend your time, talent, and budget in 2017.

  • Continued issues with crypto-ransomware in 2017 ...

10 Tips To Secure Your New Christmas Devices

If Santa brings you a bunch of new electronic toys for Christmas, take an extra moment to secure them properly.  Many new devices will work fine straight out of the box, but this usually means they are set up with very insecure manufacturer defaults.  Here are our tips:

  • Default passwords – Always take a moment to replace the default user name and password (often just “admin” and “password”) with something more secure.  Passwords should be ...

Are ICS and SCADA Systems the Next IOT Disaster?

There is a lot of talk in the cybersecurity world about Industrial Control Systems (ICS) and Supervisory Control And Data Acquisition (SCADA) systems that run the US power grid, water utilities, gas pipelines, oil refineries, and countless factories.  We discussed how all this might play out in the electrical grid when I reviewed Ted Koppel’s new book Lights Out.

We saw the kind of damage that an IoT botnet could ...


Cybersecurity Top 10

As we approach year-end, many small and medium sized business owners and managers are coming to the realization that their best intentions for creating a cybersecurity program in their organization have fallen short.  This was the year, you promised yourself, that we get a handle on computer and network security.

Well, it is not too late to get a start, and here is a short ...


Fixing Your Infected IoT Devices

The Mirai and Bashlight botnets have caused quite a stir in the cybersecurity and IT realms.  The easy ability to round up and deploy millions of devices in a botnet using automated tools has raised the bar.  How we respond to DDoS attacks will have to change.

Nevertheless, you can remove your IoT devices from the botnet and keep them from being reacquired.  Here are some easy solutions:

First, as clever as these exploits ...


Mirai and Bashlight Show the Power of IOT Botnets

I was tempted to post this article late in October, when Brian Krebs suffered with the DDoS attack on his website, or when the Mirai botnet attack on DynDNS was in full swing, but decided to wait it out until after the election, in case it turns out that the Dyn attack was a precursor to an attack to disrupt the elections.  And as of today, it appears that it was not.

Up ...


More Notes from the Cyber Security Summit 2016

On Wednesday we looked at several of the important takeaways from this year’s Cyber Security Summit.  Here are a few more.

  • Small businesses need to stop using public email services such as Gmail, Yahoo, or Hotmail for their business email.  User credentials for 500,000 Yahoo email accounts have been stolen, and it could happen to the others.  If you have a domain name you are using for a web site, then you should ...

What Happens If The Lights Go Out?

I attended the (ISC)2 Security Congress in September, and one of the featured speakers was well known television journalist Ted Koppel.  He gave a presentation about his new book Lights Out:  A Cyberattack, A Nation Unprepared, Surviving the Aftermath.  You are probably wondering, as I was, what would make Ted Koppel an authority on this particular subject?  The answer is that ...


The Circle

I recently read Dave Eggers’ book The Circle at the recommendation of a friend in the cybersecurity profession.  While I don’t do book reviews in this blog very often, I thought I would throw in my two cents about this book.

I was recommended this book during a cybersecurity training class. I do want to say that this book looks unblinkingly at some ...
