If you own a Netgear wireless router, especially the R6200, R6250, R6400, R6700, R6900, R7000, R7100LG, R7300, R7900, R8000, D6220, and D6400 routers and possibly other models are vulnerable to arbitrary command injection. This is a security bug that could allow a remote attacker to access your router. This vulnerability was announced by US-CERT on December 9th, and reported in Naked Security on December 12th.
Vulnerabilities such as this one ...
Continue Reading →
13
JAN
JAN
1
Share
There are a number of great frameworks for developing your cybersecurity plan. Two of our favorites are the 
The Federal Trade Commission recently released an warning about fraudulent mobile apps. These apps are designed to steal personal information such as user names, passwords, credit card numbers, and other personal information.
The United States recently accused the Russian government of trying to influence US elections last November, and has expelled 35 Russian diplomatic officials and closed two Russian diplomatic facilities, one in New York City, and the other in Maryland, near Washington DC.
The House Judiciary Committee’s Encryption Working Group has released a 
This is the time of the year everyone writes either a year in review article, or a what’s coming in the new year post. Guess which one this is? I’ve been reading the pundits, and considering my own findings as a cybersecurity professional. I pulled together the following list for your review, and to help you plan where to spend your time, talent, and budget in 2017.
Cybersecurity professionals are in agreement. The Russians appear to have been actively engaged in influencing the outcome of our recent Presidential election. Specifics include compromising and taking over Hilary Clinton’s chief of staff, John Podesta’s personal Gmail account. This spear phishing exploit used a “near-miss” domain name of “accounts.googlemail.com” to trick John into clicking on a link and and entering his email credentials. The real domain name is accounts.google.com.
If Santa brings you a bunch of new electronic toys for Christmas, take an extra moment to secure them properly. Many new devices will work fine straight out of the box, but this usually means they are set up with very insecure manufacturer defaults. Here are our tips:
This actually is in the “good news” department. The some security folks at Facebook are scouring the Dark Web, looking for rainbow tables of user names and passwords in order to find Facebook users who may be reusing the same password on multiple sites. As we have discussed here many times, password reuse creates a serious security vulnerability. If the cyber-crooks have your password for one site, they will try it on ...
There is a lot of talk in the cybersecurity world about Industrial Control Systems (ICS) and Supervisory Control And Data Acquisition (SCADA) systems that run the US power grid, water utilities, gas piplines, oil refineries, and countless factories. We discussed how all this might play out in the electrical grid when I reviewed Ted Koppel’s new book