Happy World Password Day. I have been following the progress that NIST is making in formulating new standards for user authentication. Something I found surprising was that NIST is not recommending using biometrics as a form of authentication. The two main reasons are that biometrics, such as fingerprints, iris scans, and voice recognition, are not a secret. For instance, you leave your fingerprints behind everywhere you touch something. ...
Back in December we wrote about FBI Operation Hard Copy in order to warn our readers about telemarketing lottery scams and how they work. Recently, the FBI reported that one of the people arrested in that operation had plead guilty to one count of wire fraud.
According to the FBI:
Continue Reading →Ronald John Mendleski, 72, of Bokeelia, Florida, pleaded guilty to one count of wire fraud before U. S. Magistrate ...
I received an email from Natasha Wentz at MakeAWebSiteHub.com. She had seen my earlier article on securing WordPress, and asked to be added to the resource list. I took a look at the article, and decided that it was too good to bury in a year-old post, and I offered to write this post to feature their article.
We have discussed the dangers to what NIST identifies as Critical Infrastructure that exists because SCADA and other industrial control systems are designed to be run on “air-gapped” networks that are not connected to the public Internet. Unfortunately, many of these systems are being connected to the Internet, if only in a tangential way.
The German security firm OpenSource Security recently found hard ...
Continue Reading →
I use LastPass to manage all my passwords, and recommend LastPass to my clients and followers. Often, when I am talking about storing passwords in the cloud, as LastPass does, I get concerned questions about the safety of storing your digital “keys” online. What happens if LastPass is breached?
Well, the bad news is that they were breached around June 15, 2015. I remember getting the email alert from them at the ...
Continue Reading →
A new exploit is using Microsoft Office documents to deliver malware. This is different from the reanimated macro exploits. If this exploit, the target will receive an Office document, such as a Word file, as an email attachment. Opening the attachment causes a malicious HTML application to be downloaded from the attackers C2 server. This is executed as an .hta file, disguised as an RTF file. The result is the ...
CAPTCHA, or Completely Automated Procedures for Telling Computers and Humans Apart, was a system first theorized by cryptographer Alan Turing in 1950. We find these little “I am not a robot” challenges popping up all over the place, especially when creating a new account, registering for a web service the first time, or sometimes as form of poor man’s two-factor authentication. ...
Everything you can think of and many things you have never dreamed of are being manufactured with little Linux operating systems and wireless Internet connections. Or in simpler terms, a brain, storage, and communications ability. This is the Internet of Things (IoT). Lots and lots of “smart” devices talking to each other and phoning home to some data collection or dissemination point. If only the people who are designing these ...
Yes, I have. A “breach” is an computer security incident where a website’s data has been illegally accessed by cyber-attackers and released publicly.
I know that my main email account has been compromised in the past, and used for sending Spam, because my hosting provider disabled my email account and hosting account until I had an opportunity to change my password.
I know that all my websites are under continuous automated password guessing attack, ...
Continue Reading →
We can’t talk about robots without thinking about robots running amok as in the Terminator movies. But it turns out that most of the robots that are available today can be easily hacked by humans.
Robots are showing up in industrial settings, in hospitals, on our roads as autonomous vehicles, in secure facilities as guards, and in our homes, as carpet cleaners, children’s companions. Soon they will be everywhere, assisting, working, ...
Continue Reading →