Anti-Drone Tactics

Drones have become the must-have item for many people this year.  Some of them are your neighbors, and they may be annoying you or intruding on your privacy.  On the other hand, it may be a member of our military hunting a terrorist.  Or, increasingly, it may be a terrorist using a drone to provide surveillance, or worse yet, deliver something deadly like a ...

Continue Reading →
0

The Google Docs Hoax: What Have We Learned?

It has been a couple of weeks since the Google Docs hoax spread across the Internet like wildfire.  What have we learned about this exploit?

Originally this appeared to be a phishing campaign, but phishing emails are spoofed clever replicas.  These emails were the genuine article, and were sent from Google mail servers, from the hijacked Google accounts of people you were likely to know.  This made the exploit difficult to detect, ...

Continue Reading →
0

The Economics of the Tech Support Scam

We have reported a few times about the tech support scammers who use cold-calling phone lists or browser pop-ups with 800 number “support” lines to trick people into paying $300 or more for “malware removal” and other services that the computer doesn’t need.  And the pop-ups can be scary and convincing as in the example image.

Naked Security recently reported on the work of ...

Continue Reading →
0

Linksys Wireless Routers Have Security Vulnerabilities

Research firm IOActive recently released a an article that revealed some serious security deficiencies on popular Linksys Smart Wi-Fi products.  They have notified Linksys, and Linksys is working on the firmware upgrades that will be necessary to fix these issue, and they have issued a security advisory.

Among the vulnerabilities discovered:

  • Unauthenticated attacker can create a denial-of-service ...
Continue Reading →
0

Why Biometrics Aren’t the Answer

Happy World Password Day.  I have been following the progress that NIST is making in formulating new standards for user authentication.  Something I found surprising was that NIST is not recommending using biometrics as a form of authentication.  The two main reasons are that biometrics, such as fingerprints, iris scans, and voice recognition, are not a secret.  For instance, you leave your fingerprints behind everywhere you touch something. ...

Continue Reading →
0

FBI: Lottery Scammer Pleads Guilty

Back in December we wrote about FBI Operation Hard Copy in order to warn our readers about telemarketing lottery scams and how they work.  Recently, the FBI reported that one of the people arrested in that operation had plead guilty to one count of wire fraud.

According to the FBI:

Ronald John Mendleski, 72, of Bokeelia, Florida, pleaded guilty to one count of wire fraud before U. S. Magistrate Judge ...

Continue Reading →
0

SCADA Systems Vulnerable Due to Hard Coded Passwords

We have discussed the dangers to what NIST identifies as Critical Infrastructure that exists because SCADA and other industrial control systems are designed to be run on “air-gapped” networks that are not connected to the public Internet.  Unfortunately, many of these systems are being connected to the Internet, if only in a tangential way.

The German security firm OpenSource Security recently found hard coded ...

Continue Reading →
0

LastPass Quickly Fixes Reported Flaws

I use LastPass to manage all my passwords, and recommend LastPass to my clients and followers.  Often, when I am talking about storing passwords in the cloud, as LastPass does, I get concerned questions about the safety of storing your digital “keys” online.  What happens if LastPass is breached?

Well, the bad news is that they were breached around June 15, 2015.  I remember getting the email alert from them at the time, ...

Continue Reading →
0
Page 2 of 10 12345...»