Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

Keeping PowerShell: Measures to Use and Embrace

Original release date: June 22, 2022

Cybersecurity authorities from the United States, New Zealand, and the United Kingdom have released a joint Cybersecurity Information Sheet (CIS) on PowerShell. The CIS provides recommendations for proper configuration and monitoring of PowerShell, as opposed to removing or disabling it entirely due to its use ...

Continue Reading →
2
JUL
0

certification, encryption, Internet of Things, malware, NSA, ransomware, Software vulnerability, Weekend Update

, , , , , , ,

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

NSA Releases Network Infrastructure Security Guidance

Original release date: March 3, 2022

The National Security Agency (NSA) has released a new Cybersecurity Technical Report (CTR): Network Infrastructure Security Guidance. The report captures best practices based on the depth and breadth of experience in supporting customers and responding to threats. Recommendations include perimeter and internal network ...

Continue Reading →
12
MAR
0

CISSP, cybersecurity, cyberwar, Domain 4, NSA, ransomware, social networks, Weekend Update

,

When Encryption Is A Crime Only Criminals Will Have Encryption

As we enter the silly season of another Presidential Election, and possibly because of a psychological condition that I am calling COVID Mania*, the government is once again making boneheaded moves to introduce and pass legislation that would allow the federal government and law enforcement agencies easier access to encrypted messages from criminal sources.  This issue comes up every five to ten years.  It seems that agencies such as the ...

Continue Reading →
26
OCT
1

cybersecurity, encryption, law and policy, News and politics, NSA

,

“Sandworm” Is The True Story About Russian Cyberwarfare

Last month I read the book Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers, by Andy Greenberg, senior writer for Wired magazine.  If you want to understand how cyber-war has changed the face of military operations in the 21st century, this book explains everything.  This book has put the threat ...

Continue Reading →
2
MAR
2

critical infrastructure, cyberwar, News and politics, NSA, ransomware, social engineering, surveillance

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

Update Your TOR Browser

Update your Firefox to version 66.0.4 and your TOR browser to version 8.0.9 to fix the problem with intermediate certificate verification.

FTC Releases Article on Keeping Children Safe Online

Original release date: April 26, 2019

The Federal Trade Commission (FTC) has released an article with tips for parents to keep ...

Continue Reading →
25
MAY
0

cybersecurity, NSA, passwords, Weekend Update

,

The NSA Releases Reverse Engineering Tool

Here’s a kick in the head.  Your tax dollars at work in a way that may save you a bunch of money.  The National Security Agency has voluntarily released a software reverse engineering tool called Ghidra at the RSA security conference.  The NSA has been using this tool internally to take apart and analyze malicious code, and to find vulnerabilities in commercial ...

Continue Reading →
29
MAR
0

Computers and Internet, cybersecurity, NSA, Software vulnerability

Your Tax Dollars At Work – Governmental Surveillance

We know that the US government is spying on us.  Just how deep the surveillance goes is a question that is hard to answer.  If you are one of those people who thinks this surveillance is OK because you “have nothing to hide,”  I suppose you could skip this article.  But here’s my question – why do you get upset when your identity is stolen by a cyber-criminal, but yet you are unmoved when your own government does the same ...

Continue Reading →
12
SEP
0

Computers and Internet, cybersecurity, law and policy, NSA, surveillance

Internet Anonymity – A Case Study

Who is Will McLauglin?  The Campaign for Privacy?  or Dennis Anon and Privacy.net?

I’ve been writing this blog long enough that I receive regular submissions for guest content, infographics and other sort of suggestions for article topics. As long as the submissions are legitimate and on topic, I am generally happy to post them.  My next post is one of those times.  My efforts at verifying the source has been an ...

Continue Reading →
10
SEP
0

Computers and Internet, cybersecurity, law and policy, NSA, surveillance

A History of Cyber Warfare – Part 3

Today we finish our story on the history of cyber warfare.

Edward Snowden (May 2013)

Attributed to Edward Snowden.  The target was the National Security Agency of the United States.  Snowden was a former CIA employee, who, while working for Booz Allen Hamilton as a contractor to the NSA, copied and leaked NSA information, particularly the computer exploits that the NSA used abroad and ...

Continue Reading →
2
MAR
0

Computers and Internet, cybersecurity, hacktivism, law and policy, News and politics, NSA, Phishing, Security

DOD and NSA Internet Surveillance Archives Not Secured

Many companies and organization are moving their data repositories to the cloud, to places such as Amazon Web Services (AWS).  Hopefully, if your company is moving to the cloud, you are doing a better job securing this information than the Department of Defense or the National Security Agency.

The first story involves a trove of data left on AWS servers, and discovered by ...

Continue Reading →
8
DEC
0

Computers and Internet, cybersecurity, News and politics, NSA, Security, Software vulnerability

Page 1 of 3 123