Have you ever wondered why the state of cybersecurity is so screwed up? Why is it so easy for bad actors and cyber-criminals to hijack systems and steal information? Would you be surprised to learn the answer is because we designed it that way? Computers, networks, operating systems and software were designed to work together as easily as possible, and were inherently “trusted” by each other. In the beginning, most systems ...
In a not too distant future, you may be riding in an autonomous vehicle that is forced to decide between running over a pedestrian or a bicyclist. Or whether to crash into a tree or another automobile. It may make a decision you are not particularly happy with. These decisions will rely on “artificial intelligence” built into these cars. These decisions are being programmed right now by developers of autonomous ...
This post is funny only from the standpoint of “it’s funny how things turn out” or “its funny how big things start in small places.” More of a history lesson – but please bear with me and read on.
From the Stanford University website:
“On December 9, 1968, Douglas C. Engelbart and the group of 17 researchers working with him in the Augmentation Research Center at Stanford Research Institute ...
Continue Reading →
A quick Saturday digest of cybersecurity news articles from other sources.This entry was posted in Research, Wordfence, WordPress Security on December 5, 2018
The Defiant Threat Intelligence team recently began tracking the behavior of an organized brute force attack campaign against WordPress sites. This campaign has created a botnet of infected WordPress websites to perform its attacks, ...
Continue Reading →I recently started spending time in the Dark Web, learning how to use a VPN and the TOR browser to navigate the hidden services to be found there. I also have been presenting a “Tour of the Dark Web” to the public in a variety of business groups. I find the Dark Web to be a fascinating place, and so far the response from people attending my seminar indicates that I am not the only one. One of the problems ...
Continue Reading →Netherlands security company Black Box Security was raided by the Dutch Police and shuttered on suspicion of money laundering and operating a criminal enterprise. Black Box was the inventor of the Iron Phone and the Iron Chat app. Together, they were supposed to provide an unbreakable encrypted chat service. This service became a popular favorite among cyber and other criminals.
According ...
Continue Reading →
Two-factor and multi-factor authentication historically have been based on using two or more of three criteria: something you know (passwords), something you have (security token) or something you are (biometrics such as fingerprints). There have been two new additions to MFA criteria: something you do (keyboard cadence or mouse movement), and somewhere you are (geo-location through GPS or public IP address).
Google has been busy heightening the security for it’s account ...
Continue Reading →
A quick Saturday digest of cybersecurity news articles from other sources.
You do not have to give your passcode to the police. The courts say it amounts to self-incrimination. The government isn’t really after the password, after all; it’s after any potential evidence it protects. In other words: fishing expedition.
This article is an amusing collision between our last two topics – the problems with two-factor and multi-factor authentication and our four-part story on Google’s data mining habits. Google has developed and released their Titan MFA security key as a more secure way to implement multi-factor authentication that can’t be attacked through phishing and man-in-the-middle exploits. So if you can ...
