Password Strategy Part 1

passwordToday we start a three article series on developing good password strategy for you small business.  As it happens, there is a great resource available courtesy of Her Majesty’s Government.  The British signals intelligence department, GCHQ, has published a guide to password policy entitled Password Guidance: Simplifying Your Approach.  This 12 page guide offers password advise in seven sections.  They are:

  • Change all default passwords on devices that you deploy on ...
Continue Reading →
0

AppGuard – Computer Security That Works

AppGuardI am often asked by frustrated clients “Why doesn’t traditional anti-virus and Internet security software products work?”  The unfortunate answer I have to give them is “It’s your fault.”  The more diplomatic answer I really use is that the security software cannot prevent something that is explicitly allowed by the computer user.  And the computer user is easily tricked into opening a file ...

Continue Reading →
0

Presidential Candidates Against Encryption

encryptionBack in August, presidential candidate Jeb Bush came out against encryption.  Makes it too hard for law enforcement to figure out what the “evildoers” are up to, he says.  I agree that encryption makes it impossible to figure out what the Wall Street executives who are funding every presidential campaign, by the way, are inventing now to ruin the American economy again and take a third trip into looting the 401K and IRA ...

Continue Reading →
0

FBI Warns About $1.2 Billion Fraudulent Invoice Scam

email1-500Since 2013, cyber-criminal gangs working from the Middle East, Africa, and eastern Europe have scammed businesses out of $1.2 billion dollars worldwide, with over 700 US businesses reporting $747 million in losses to this exploit.  In 2015 alone there has been a 270% increase in losses to this scam.  On August 28th, the FBI warned business owners and manager to be on guard ...

Continue Reading →
0

Why Defense Doesn’t Work

Now that football season has started, there will be a lot of discussion about why great defenses don’t win football games.  Defense is not enough in the realm of cybersecurity, either.  I recently attended a webinar put on by The Open Web Application Security Project (OWASP) featuring Mike Benkovich (@mbenko) that discussed this concept as it applied to the DevSecOps (or SecDevOps) or the secure development of web applications.  It is not enough to write code that works, it also ...

Continue Reading →
0

Beware Pop-Up Security Alert Scam

I have been getting a lot of calls about this one, and I finally was able to get a screen print of the message.  When this happens to you – DO NOT CALL the provided number.  You will end up allowing them to connect remotely and then they will convince you to spend $300 to fix the problem.  You do not really have a problem, until you make the call.  To fix this, read to the bottom.

Continue Reading →

0

DDoS Extortion Attack Explained

DDos2A Distributed Denial of Service (DDoS) attack happens when a malicious group in possession of a large botnet starts sending an never-ending stream of connection requests and other types of traffic in order to overwhelm your web server, ecommerce operations, or other web connect assest.  Often the motive for these attacks are to extort money from the targeted victim, but sometimes these attacks may be social or politically motivated as well.

A ...

Continue Reading →
0

Kaspersky Hacks Rivals?

kasperskyKaspersky is a security software company with a pretty good reputation.  Their products usually score in the top five in any independent malware detection and removal test.  Of course, they are a company that is headquartered in Russia, which might just make you a little nervous.

But many high quality security software companies are located in places like Finland (F-Secure), Czech Republic (AVG), The UK (Sophos), and Spain (Panda). And the Unites States ...

Continue Reading →
0

This Website Is Being Attacked

As a side note to my day today, for the last 24 hours or so someone, or several someones, have been attempting to brute force the login credential for this web site.  Thanks to my web site security, I am aware of the attempts, and it appears that the security applications are doing a great job of preventing an intrusion.  Besides the automated password cracking attempt, there have been SQL injection attempts blocked, spam comments blocked, and even a DDoS attack thwarted.

Some of ...

Continue Reading →
0
Page 68 of 75 «...4050606667686970...»