The Must Have Characteristics of a Cybersecurity Pro

So you think you want to be a cybersecurity professional?  Or maybe you know (or are) a middle school (that’s right, start ’em young),  high school, or college student who is looking at cybersec as a career path.  What personality characteristics would you need to be successful?  What drives, motivates, and challenges a cybersecurity professional?  Just what kind of wingnut are ...

Continue Reading →
0

Problems with Password Manager Phone Apps

If you use a password manager app on your smartphone, it may be vulnerable to package name spoofing, which would allow the password manager’s autofill feature to enter your login credentials on a spoofed web form.  This vulnerability applies to popular apps from LastPass, Dashlane, Keeper, and 1Password.

I have been an advocate for password managers.  They are part of the solution to creating ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


National Cybersecurity Awareness Month: Cybersecurity at Home

10/02/2018 06:32 AM EDT  Original release date: October 02, 2018

October is National Cybersecurity Awareness Month (NCSAM), an annual campaign to raise awareness about cybersecurity. The National Cyber Security Alliance (NCSA) has published general tips to help ...

Continue Reading →
0

What Might A Future Cyber-War Look Like?

We have entered the age of cyber war.   Believe it or not, cyber war operations are going on right now in many places across the globe.  Most of these operations are covert, and often hard to attribute directly to a particular nation-state or adversary.

Marc Cancian has written a gripping report titled Coping with Surprise in Great Power Conflicts.  It ...

Continue Reading →
0

US Cyber Command Changing the Rules of Engagement

The best defense is a good offense.  Especially if you are “defending forward.”  So what does that mean?

The US Cyber Command has a new leader.  Lt. Gen. Stephen G. Fogarty assumed command of U.S. Army Cyber Command on June 1, 2018.  His mission is to make Cyber Command more aggressive in its response to cyber-attacks on assets in the United States.  The ...

Continue Reading →
0

Using DNS Proxies for Security

What if there was a simple change you could make to your computer’s network configuration that would go a long way to protecting you from picking up malware on the Internet.  This change could even protect you from accidentally clicking on malicious links in phishing emails.  What if this simple fix could keep malware already on your computer from “phoning home” to the command ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


TA18-276B: Advanced Persistent Threat Activity Exploiting Managed Service Providers

and

APTs Targeting IT Service Provider Customers

10/03/2018 10:56 AM EDT  Original release date: October 03, 2018

The National Cybersecurity and Communications Integration Center (NCCIC) has received multiple reports of advanced persistent threat (APT) actors actively exploiting trust relationships in information ...

Continue Reading →
0

Exploit Targets Info Tech Support Companies

The holy grail of a cyber-attacker is the ability to achieve remote access to a computer on a network.  It is even better when the attacker can get administrator privileges.  Then they have the ability to do anything they need to do on the compromised computer to cross the network and compromise other computers and servers.  Who has this kind of access already?  ...

Continue Reading →
0

National Cyber Security Awareness Month

This October, National Cybersecurity Awareness Month is commemorating its 15th year as an annual initiative to raise awareness about the importance of cybersecurity. NCSAM 2018 is a collaborative effort between government and industry to ensure every American has the resources they need to stay safer and more secure online, while increasing the resiliency of the Nation during cyber-threats. DHS is ...
Continue Reading →
0

Securing the Domain Name Service

One of the most important systems that makes the Internet easy to use has absolutely no security in its current form.  This means that your Internet service provider (and some others) can easily see every website that you visit. (Since  you have “nothing to hide” this should not be a problem, right?)

DNS or the Domain Name System is the networking protocol that finds websites and resources on the ...

Continue Reading →
0
Page 2 of 61 12345...»