I’ve been warning about the dangers of self-aware machines for some time.
Here is a story about how a toaster disrupted a keynote address by ARM CEO Simon Segars at the annual ARM TechCon Conference. It seems that the toaster was toasting a bagel which got stuck, and started burning. The smoke caused the fire alarms to go of in the middle ...
Continue Reading →
According to a post on Sophos, Comcast has reset the passwords on 200,000 customers after a security researcher discovered an advertisement on the Dark Web offering to sell 500,000 Comcast passwords in pain text for $1000 in BitCoin. Investigation by Comcast found that “only” 200,000 of there accounts were active and proactively reset the passwords on all the affected accounts. ...
Would you buy your password from an 11-year old girl? I would, and maybe you should, too. Mira Modi, an 11-year old New Yorker, has very very cool service called Diceware. Using a technique developed by Arnold Reinhold, Mira uses dice to come up with a unique 6 word passphrase, which she will send to you in the US Mail. Her fee is two bucks.
Understanding that passwords are cracked by cyber-criminals one of two ways, either ...
Continue Reading →
I read an article recently on Dark Matters, by Bob Monroe, that talked about smartphones from the perspective on an attacker – just how good of an attack surface is your average smartphone? Pretty good, as it turns out, which is not so good for you and me.
The first problem is that these little computers are very chatty. If they are turned on, they are talking to the nearest ...
Continue Reading →
We recently learned that credit report service Experian had a breach of T-Mobile customer information. This is just another addition to the pile of Personally Identifying Information (PII) that has been exfiltrated from sundry organizations including the Office of Personnel Management, various BlueCross BlueShield organizations, and Harvard University.
So what to do when this happens to you? When you are notified by the ...
Continue Reading →
We try to save up some funny stuff for our Sunday Funnies post, and I admit this is pretty borderline. Maybe not funny. But I do love corporate-speak, and since tomorrow we will be discussing the things you can do if your personal information is part of a data breach, we thought this might be a fun way to open this discussion.
Thanks to our friends at Sophos, for ...
Continue Reading →
Using BASIC or Visual BASIC programming scripts can add automation and other functions to documents created in the Microsoft Office productivity suite of products. Unfortunately, this feature can be used by cyber-attackers to send malware exploits in otherwise innocuous looking documents that most people would open without a second thought.
The macro virus goes back to 1995, the most infamous being the Melissa email macro virus that $80 million in damages to ...
Continue Reading →
The new EMV chip-style credit cards are here, and the FBI has already released a warning about the way they are being deployed in the United States. The EMV card has been in continuous use in Europe and Asia for over a decade, and has worked well to reduce the amount of credit card fraud there. We have had to wait here in the US simply because it ...
Back in July we wrote a review of our experiences with LastPass, a popular password management program. For the record, I am still using it, and still liking it, although there is no way I would use a password manager without some form of two-factor authentication, such as Google Authenticator. For some people, this is going to be too much.
There ...
Continue Reading →Great advice, but the whole exchange by text kind of kills operational security on this caper. From Pinterest
