Guest Post – Cybercriminals Like Going Mobile Too

It’s something that we hear a lot about – mobile devices have become an integral part of our society. Can you remember the last time that you switched your phone off for the weekend? Can you even imagine not having your phone with you all the time? If you’re like most people, the idea is ludicrous. We keep everything on our phones.

It’s convenient for us – you don’t have to boot ...

Continue Reading →
0

New WordPress Security Options

I have developed some expertise around the area of WordPress security.  One of my clients has a WordPress site under development, and recently the web designer changed the name of the login URL from https://clientsite.com/wp-admin to https://clientsite.com/A9u3ycGH37.  Basically, the wp-admin page name had been replaced with random characters.  I found out when I tried to log in using the usual URL.  I wondered ...

Continue Reading →
0

Stupid Politicians – Australia Edition

Thank God this hasn’t happened here in the United States (yet).  It is not for lack of trying by US law enforcement agencies, though.  What am I talking about?  Australia recently passed the controversial and totally STUPID anti-encryption law called Telecommunication & Other Legislation Amendment (Assistance & Access) Act of 2018 (TOLA).

TOLA is supposed to ...

Continue Reading →
1

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Tech Trends in 2019

Information on trends in technology for drones, security robots, artificial intelligence, security smart homes, and securing IoT.


Feds can’t force you to unlock your phone with finger or face, says judge

The landmark decision asserts the same 4th and 5th amendment legal protection for biometrics that we’re given for passcodes.


Continue Reading →
0

Chinese Attacks Against MSPs and IT Support Companies Puts Clients At Risk

US-Cert recently released the following warning to businesses, governmental units, and other organizations who contract their computer support to computer support companies that are known as Managed Service Providers or MSPs.  An MSP provides support principally by using remote monitoring, remote access, and remote control software products.  They install a monitoring tool called an “agent,” and a command and control device on the ...

Continue Reading →
2

Better Two-Factor Security from Google Titan

This article is an amusing collision between our last two topics – the problems with two-factor and multi-factor authentication and our four-part story on Google’s data mining habits.  Google has developed and released their Titan MFA security key as a more secure way to implement multi-factor authentication that can’t be attacked through phishing and man-in-the-middle exploits.  So if you can stand ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Tiny Hardware Firewall VPN Client

Here are a couple of tiny, portable security devices that provide hardware firewall, VPN, and TOR capability.  Check them out.


FTC Releases Cyber Resources for Small Businesses

10/25/2018 09:15 PM EDT  Original release date: October 25, 2018

The Federal Trade Commission (FTC) has ...

Continue Reading →
0

Problems with Password Manager Phone Apps

If you use a password manager app on your smartphone, it may be vulnerable to package name spoofing, which would allow the password manager’s autofill feature to enter your login credentials on a spoofed web form.  This vulnerability applies to popular apps from LastPass, Dashlane, Keeper, and 1Password.

I have been an advocate for password managers.  They are part of the solution to creating ...

Continue Reading →
0

Security Policies That Respect Users

Often it seems that security policies are designed with the assumption that average computer users are ID10Ts (idiot users).  Related terms such as PEBKAC (Problem Exists Between Keyboard And Chair), PICNIC (Problem In Chair, Not In Computer), IBM error (Idiot Behind Machine error) and other similar phrases illustrate the dark side of our interactions with our users.  Sometimes we allow our ...

Continue Reading →
0
Page 1 of 21 12345...»