Web Tracking Via Browser and Device Profiling – No Cookies Needed!

I know many people who are religious about deleting their cookies and browser history in an effort to improve their online privacy.  I know others who have carefully gone through all the security settings on their browsers, and social networking sites for the same reason.  If this sounds like you, I have bad news.

I’ve been using Opera to browse the web, and trying out the ad-blocking feature and the location cloaking “VPN” ...

Continue Reading →
0

Top Cyber Threats for 2017

2017 is promising to be another difficult year for cyber-defenders who are protecting company and government networks from attack.  Here are what I think will be the top attack vectors this year.

Business Email Compromise

CEOs and other C suite officers will increasingly be targeted for email account hijacking.  This is an easy exploit to run because high ranking employees and officers often are ...

Continue Reading →
0

US-CERT Releases More About Grizzly Steppe

US-CERT just released more information about the Grizzly Steppe cybercrime group who has been fingered for hacking the DNC and US voter registration databases.  The short  report, titled Enhanced Analysis of GRIZZLY STEPPE Activity, makes interesting reading, especially if you are interested in finding out more about state-sponsored political espionage.  See pages 4-7 for the main story.

The Grizzly Steppe group is certainly ...

Continue Reading →
0

Should You Use Domain Privacy?

I will start out by admitting that I hate Domain Privacy.  But I just read a story in Naked Security on February 9th that is causing me to reevaluate my opinion.  It turns out that the new White House press secretary, Sean Spicer, has a personal website at www.seanspicer.com.   The website has been turned into a private site, but the WHOIS record ...

Continue Reading →
0

Malware Turns Smartphone Into Eavesdropper

I read an interesting article on Naked Security the other day about how Hamas had used Facebook and social engineering tactics to trick Israeli soldiers into installing surveillance malware.  The malware allowed Hamas to track the soldiers using the phone’s GPS, and to turn on the microphone and video to actually listen in and and watch their targets.  Hamas undoubtedly picked up the malware ...

Continue Reading →
0

Facebook Strengthens Password Recovery Process

As a regular reader of this blog, you are probably using a long, unique, 20 character password with two-factor authentication, and a password manager to keep it all straight.  But let’s say that you fall for a phishing scam, and give away the password to your email account.  The attacker can now use your email account to request password reset emails from your other online accounts, and you have yourself one big ...

Continue Reading →
0

Facebook Adds USB Key Two-Factor Authentication

Facebook has added USB key security to it’s two-factor authentication options.  Previously, Facebook users could add the additional security of two-factor authentication to their account by using the Facebook app to receive a six digit one-time passcode, or by having the code sent to their smart phone via SMS text message.  Facebook now supports the open-source Universal 2 Factor (U2F) standard established by the FIDO Alliance, such as the  Yubikey from Yubico.

Continue Reading →

0
Page 4 of 101 «...23456...»