Cybersecurity Basics

It’s April Fools Day, and in honor of those people who are still trading away safety for convenience when working with a computer or online, we have a short list of simple and basic security methods.  If you are someone who provides “tech support” for a family member or are the “go-to” unofficial tech support in a small business, this is a good place to start.

Behaviors

This is simple stuff, but important, ...

Continue Reading →
1

The NSA Releases Reverse Engineering Tool

Here’s a kick in the head.  Your tax dollars at work in a way that may save you a bunch of money.  The National Security Agency has voluntarily released a software reverse engineering tool called Ghidra at the RSA security conference.  The NSA has been using this tool internally to take apart and analyze malicious code, and to find vulnerabilities in commercial software ...

Continue Reading →
0

Docker Vulnerability Allows Crypto-Miner Access

If you are running a fleet of virtual machines using popular containerization solution Docker, you may be in for a nasty surprise.  A couple of vulnerabilities have been discovered in Docker that has been exploited by cyber-criminals to run the Monero crypto-currency miner on affected Docker containers.  This will of course have a serious impact on performance, and in an environment where billing is usage based, this will increase your costs.

Security ...

Continue Reading →
0

Most Common Malware of 2019 (So Far)

In 2015 and 2016 the winner was crypto-ransomware exploits.  In 2017 and 2018 the most common exploit was Business Email Compromise, aka Email Account Hijacking (BEC/EAC).  This is year is shaping up to be the year of the crypto-mining exploit.

Here are the crypto-mining malware programs that are the most prevalent:

  • AuthedMine – A variant of Coinhive, AuthedMine ios supposed to require an explicit opt-in ...
Continue Reading →
0

New WordPress Security Options

I have developed some expertise around the area of WordPress security.  One of my clients has a WordPress site under development, and recently the web designer changed the name of the login URL from https://clientsite.com/wp-admin to https://clientsite.com/A9u3ycGH37.  Basically, the wp-admin page name had been replaced with random characters.  I found out when I tried to log in using the usual URL.  I wondered ...

Continue Reading →
0

Computer and Networking Shortcuts Create Vulnerabilities

Most victims of cyber-crime created the vulnerabilities that allowed their computer, network, email account, website, or other service get hijacked.  In many cases, especially in the consumer or small business networking environments, they just don’t know what to do, or what to be looking for.  But even in business network environments where IT professionals have been in charge of operations, decisions ...

Continue Reading →
0

Stupid Politicians – Australia Edition

Thank God this hasn’t happened here in the United States (yet).  It is not for lack of trying by US law enforcement agencies, though.  What am I talking about?  Australia recently passed the controversial and totally STUPID anti-encryption law called Telecommunication & Other Legislation Amendment (Assistance & Access) Act of 2018 (TOLA).

TOLA is supposed to ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Tell Congress to Restore Full Net Neutrality Protections

From the Electric Frontier Foundation (EFF).  Do you  like what has happened to your cable and Internet service?  In December 2017, the FCC voted to roll back the 2015 Open Internet Order, giving Internet service providers (ISPs) free reign to engage in unfair and discriminatory data practices. That decision ...

Continue Reading →
0

VPN Encryption Protocols Explained

A VPN can provide a way to keep your location private by replacing the IP address of your ISP’s gateway router with an anonymous IP from the VPN provider’s pool.  It will prevent your ISP, or Google and other websites from discovering your location, tracking your activity online, or saving your search history.  The contents of your communications are changed from plaintext to ...

Continue Reading →
0
Page 3 of 69 12345...»