000Webhost Loses Plaintext Passwords

This comes under the heading of “know who you are doing business with.”  Web hosting company 000webhost.com was breached this week and over 13 million customer records were stolen and posted for sale on the Internet.  The data includes customer names, emails and passwords in plaintext  (meaning the passwords were unencrypted).  Storing passwords in an unencrypted form should be a criminal act in itself, ...


Scary Disguises Hide Malware Too

It’s Halloween tomorrow, the traditional time when we dress up in scary or not-so-scary costumes to disguise our identity and trick our friends and family.  It’s good to remember that malware often uses disguises to trick us into committing an action that releases the attack.  What follows are my scary Halloween stories.

  • Social Engineering – In this exploit the attacker may present themselves in person, over the phone, or by email, ...

Really Secure Email

OK, so Monday I lampooned the Director of the CIA for using AOL email to transmit top secret CIA files (yikes).  And of course we all remember the Hillary Rodham Clinton kerfuffle over her use of her own private email service to transmit State Department documents (better).  One has to assume that this pretty flagrant violation of what has to be well-known government policies by people who probably know better has ...


Top Cybersecurity Threats in 2015

The cybersecurity threat surface is constantly changing.  Below are listed the top areas of concern among cybersecurity experts.  Some are new, and some have been around seemingly forever.

New Threats

  • Emerging technologies and the Internet of Things (IoT).  It seems that all of our new toys are Internet enabled in some way, and many of these devices present a new attack surface for cyber-criminals.  The ...

Please Stop Falling For Tech Support Scams

STOP THE MADNESS!!  It drives me crazy when a client calls me AFTER spending an hour on the phone with some tech support scammer, and then thinks to call me after they have a problem “fixed” that they never had in the first place.

One of my clients recently fell for an interesting variation of the Tech Support Scam.  She did a Google search to find the HP technical support number, but the company she called, while at the top of ...


FBI Warns About IOT Vulnerabilities

One of the major trends in technology is the proliferation of smart devices, also known as the Internet of Things (IOT).   The FBI recently released a public service announcement titled “Internet of Things Poses Opportunities For Cyber Crime.”  More and more devices are coming with software, processors and network capability, and connecting to our home and business ...


Security Improved in IOS 9

Apple introduced IOS 9 recently and it is full of security improvements that matter.  You should upgrade if you haven’t already.  They include:

  • Passcodes increased from 4-digit to 6-digit PINs, which is 10,000 times stronger.
  • Two-factor authentication (2FA) for supported devices. Not all are, which is too bad.
  • Changes to the Apple Store to keep annoying app vendors from bombarding you with crossgrade ads on products ...

Jeb Bush Defends NSA

Back on Sept 18 we criticized presidential candidate Jeb Bush, FBI Director James Comey, and other politicians for complaining that encryption was making it too hard to fight the “evil doers” and suggesting that some sort of “master key” or “backdoor” was needed by law enforcement and intelligence services to do their jobs.  We of course disagreed.

Around the same time that ...
