The holy grail of a cyber-attacker is the ability to achieve remote access to a computer on a network. It is even better when the attacker can get administrator privileges. Then they have the ability to do anything they need to do on the compromised computer to cross the network and compromise other computers and servers. Who has this kind of access already? ...
This October, National Cybersecurity Awareness Month is commemorating its 15th year as an annual initiative to raise awareness about the importance of cybersecurity. NCSAM 2018 is a collaborative effort between government and industry to ensure every American has the resources they need to stay safer and more secure online, while increasing the resiliency of the Nation during cyber-threats. DHS ...
One of the most important systems that makes the Internet easy to use has absolutely no security in its current form. This means that your Internet service provider (and some others) can easily see every website that you visit. (Since you have “nothing to hide” this should not be a problem, right?)
DNS or the Domain Name System is the networking protocol that finds websites and resources on ...
Continue Reading →
Is Linux “safer” to use than Windows? Is it immune to malware? You may be under the assumption that Linux is not vulnerable to the same exploits that plague Windows systems. If so, you would be incorrect. Linux has its very own set of vulnerabilities and working exploits, and Linux servers and computers need anti-malware software protection just as much as their Windows counterparts. Today we will look at some ...
A quick Saturday digest of cybersecurity news articles from other sources.
From the About Damn Time Dept.
Often it seems that security policies are designed with the assumption that average computer users are ID10Ts (idiot users). Related terms such as PEBKAC (Problem Exists Between Keyboard And Chair), PICNIC (Problem In Chair, Not In Computer), IBM error (Idiot Behind Machine error) and other similar phrases illustrate the dark side of our interactions with our users. Sometimes we allow ...
There are members of the cybersecurity profession who say that Cybersecurity Awareness Training is a waste of time and money, because the average computer user just doesn’t care or can’t retain technical information. To them, I repeat a quote from Eppie Lederer aka Ann Landers – “If you think education is expensive – try ignorance.” I firmly believe that one of the best returns on investment in the cybersecurity realm is Cybersecurity Awareness Training for your employees.
You and your employees are ...
Continue Reading →
You think you are the clever one because you never use the Internet for online banking, online shopping, or managing accounts like your retirement account, gas and electric utilities, telephone, cell phone, and Internet. Open a Facebook account? Never! You think you are safer from account hijacking and identity theft because you never set up any online accounts. If you don’t have it, they can’t hack it – right? Wrong!
If ...
Continue Reading →
From former Senator Ted Stevens announcing that “the Internet is a series of tubes,” to the recent revocation of network neutrality to this current idiotic “bipartisan” idea (Senators Cory Gardner (R-CO) and Chris Coons (D-DE) announced the Cyber Deterrence and Response Act (S.3378) on August 23rd.) our elected officials prove over and over why lawyers in general and legislators specifically suck at tech.
It appears that these two gentlemen ...
Continue Reading →