As we approach year-end, many small and medium sized business owners and managers are coming to the realization that their best intentions for creating a cybersecurity program in their organization have fallen short. This was the year, you promised yourself, that we get a handle on computer and network security.
Well it is not too late to get a start, and here is a short ...
Continue Reading →
The Mirai and Bashlight botnets have caused quite a stir in the cybersecurity and IT realms. The easy ability to round up and deploy millions of devices in a botnet using automated tools has raised the bar. How we respond to DDoS attacks will have to change.
Nevertheless, you can remove your IoT devices from the bot-net and keep them from being reacquired. Here are some easy solutions:
First, as clever as these ...
Continue Reading →
I was tempted to post this article late in October, when Brian Krebs suffered with the DDoS attack on his website, or when the Mirai botnet attack on DynDNS was in full swing, but decided to wait it out until after the election, in case it turns out that the Dyn attack was a precursor to an attack to disrupt the elections. And as of today, it appears that it was ...
On Wednesday we looked at several of the important takeaways from this year’s Cyber Security Summit. Here are a few more.
I attended the (ISC)2 Security Congress in September, and one of the featured speakers was well known television journalist Ted Koppel. He gave a presentation about his new book Lights Out: A Cyberattack, A Nation Unprepared, Surviving the Aftermath. You are probably wondering, as I was, what would make Ted Koppel an authority on this particular subject? The answer is ...
I recently read Dave Eggers book The Circle at the recommendation of a friend in the cybersecurity profession. While I don’t do book reviews in this blog very often, I thought I would throw in my two cents about this book.
I was recommended this book during a cybersecurity training class. I do want to say that this book looks unblinkingly at ...
Continue Reading →
Back on August 31 I received an email from the Department of Homeland Security about a set of FTC recommendations for people using rental cars. I have experienced this issue myself. Basically, it is simple and relatively convenient to connect a smartphone to the smart vehicle’s infotainment system in order to enjoy hands free phone calls, stored musical tracks, and the phone’s navigation application. The problem is that the ...
As we add more mobile and portable devices to our digital collection, cybersecurity for mobile devices becomes more important. Smartphones, tablets, wearable tech, and ultra-portable laptops are certainly convenient and easy to carry, but that makes them easy for a thief to carry off. When these devices are stolen, you lose much more than the hardware. Every bit of information on the device is up for grabs too, from contact lists, personal information, ...
Sometimes in the maelstrom of cybersecurity battles, it is helpful to step back and see where we came from, where we are, and where we are going. This year, in addition to studying for and passing the CISSP exam, I have been to a bunch of security conferences. I’ve been to MISC.conf, Secure360, B-Sides, and the Tech Security Conference. Here are some highlights and ...
Its been a while since we have written about AI and robotics, but an article in Tech Republic got me inspired to discuss some of the more disturbing uses of autonomous machines, from least to most scary