Scary Disguises Hide Malware Too

It’s Halloween tomorrow, the traditional time when we dress up in scary or not-so-scary costumes to disguise our identity and trick our friends and family.  It’s good to remember that malware often uses disguises to trick us into committing an action that releases the attack.  What follows are my scary Halloween stories.

  • Social Engineering – In this exploit the attacker may present themselves in person, over the phone, or by email, ...

FBI Warns About IOT Vulnerabilities

One of the major trends in technology is the proliferation of smart devices, also known as the Internet of Things (IOT).   The FBI recently released a public service announcement titled “Internet of Things Poses Opportunities For Cyber Crime.”  More and more devices are coming with software, processors and network capability, and connecting to our home and ...


Security Improved in IOS 9

Apple introduced IOS 9 recently and it is full of security improvements that matter.  You should upgrade if you haven’t already.  They include:

  • Passcodes increased from 4-digit to 6-digit PINs, which is 10,000 times stronger.
  • Two-factor authentication (2FA) for supported devices. Not all are, which is too bad.
  • Changes to the Apple Store to keep annoying app vendors from bombarding you with crossgrade ads on ...

Jeb Bush Defends NSA

Back on Sept 18 we criticized presidential candidate Jeb Bush, FBI Director James Comey, and other politicians for complaining that encryption was making it too hard to fight the “evil doers” and suggesting that some sort of “master key” or “backdoor” was needed by law enforcement and intelligence services to do their jobs.  We of course disagreed.

Around the same time ...


Privacy – Big IT vs. US Government

Here are a couple of recent stories where large information technology companies refused to turn over information to the government.

The first involves Apple, which was given a wiretap order to turn over certain communications between two alleged drug dealers on the iMessage platform.  Apple wasn’t so much refusing to comply as pointing out that this messaging service is encrypted end to ...


AppGuard – Computer Security That Works

I am often asked by frustrated clients “Why don’t traditional anti-virus and Internet security software products work?”  The unfortunate answer I have to give them is “It’s your fault.”  The more diplomatic answer I really use is that the security software cannot prevent something that is explicitly allowed by the computer user.  And the computer user is easily tricked into opening a ...


Presidential Candidates Against Encryption

Back in August, presidential candidate Jeb Bush came out against encryption.  Makes it too hard for law enforcement to figure out what the “evildoers” are up to, he says.  I agree that encryption makes it impossible to figure out what the Wall Street executives who are funding every presidential campaign, by the way, are inventing now to ruin the American economy again and take a third trip into looting the 401K and ...


FBI Warns About $1.2 Billion Fraudulent Invoice Scam

Since 2013, cyber-criminal gangs working from the Middle East, Africa, and eastern Europe have scammed businesses out of $1.2 billion worldwide, with over 700 US businesses reporting $747 million in losses to this exploit.  In 2015 alone there has been a 270% increase in losses to this scam.  On August 28th, the FBI warned business owners and managers to be on ...


Why Defense Doesn’t Work

Now that football season has started, there will be a lot of discussion about why great defenses don’t win football games.  Defense is not enough in the realm of cybersecurity, either.  I recently attended a webinar put on by The Open Web Application Security Project (OWASP) featuring Mike Benkovich (@mbenko) that discussed this concept as it applied to DevSecOps (or SecDevOps), the secure development of web applications.  It is not enough to write code that works, it also ...
