Why Biometrics Aren’t the Answer

Happy World Password Day.  I have been following the progress that NIST is making in formulating new standards for user authentication.  Something I found surprising was that NIST is not recommending using biometrics as a form of authentication.  The two main reasons are that biometrics, such as fingerprints, iris scans, and voice recognition, are not a secret.  For instance, you leave your fingerprints behind everywhere you touch something. ...

Continue Reading →
0

FBI: Lottery Scammer Pleads Guilty

Back in December we wrote about FBI Operation Hard Copy in order to warn our readers about telemarketing lottery scams and how they work.  Recently, the FBI reported that one of the people arrested in that operation had plead guilty to one count of wire fraud.

According to the FBI:

Ronald John Mendleski, 72, of Bokeelia, Florida, pleaded guilty to one count of wire fraud before U. S. Magistrate Judge ...

Continue Reading →
0

US Cyber Command Takes on North Korean Missile Program

I read an interesting article in the New York Times earlier this month, about how the United States is using cyber-warfare tactics against North Korea to slow the development of an inter-continental ballistic missile that can reach the United States.  The effective range maps were startling.  (see below)

It seems that Trump has inherited a cyber war program from the Obama administration that was started 3 years ago and targeted the North Korean missile development program.  Since that time, there ...

Continue Reading →
0

US-CERT Warns About Airline Phishing Scams

What if there was a new phishing scam that had an open rate of 90%.  That’s right, this phishing email is so believable, 90 out of 100 recipients open the the attachment or click on the link without a second thought.

These attacks begin with the scammer researching the target victim.  These targets usually work at companies where there is a lot of air travel. ...

Continue Reading →
0

SCADA Systems Vulnerable Due to Hard Coded Passwords

We have discussed the dangers to what NIST identifies as Critical Infrastructure that exists because SCADA and other industrial control systems are designed to be run on “air-gapped” networks that are not connected to the public Internet.  Unfortunately, many of these systems are being connected to the Internet, if only in a tangential way.

The German security firm OpenSource Security recently found hard coded ...

Continue Reading →
0

Russian Bot-Herder and Spammer Pinched By FBI

Russian cyber-criminals are hard to arrest, because there is no extradition treaty between the US and Russia.  The Russian government allows them to prosper as long as they do not attack anything in Russia.  The Russian government also contracts with these criminal groups when they need some state sponsored hacking done, a la Grizzly Steppe.   In Russia, these guys are considered to be just very successful business men. They have achieved ...

Continue Reading →
1
Page 6 of 107 «...45678...»