Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


AA20-006A: Potential for Iranian Cyber Response to U.S. Military Strike in Baghdad

Original release date: January 6, 2020

Summary

The Cybersecurity and Infrastructure Security Agency (CISA) is sharing the following information with the cybersecurity community as a primer for assisting in the protection of our Nation’s critical infrastructure in light of the current tensions between the Islamic Republic of ...

Continue Reading →
0

Guest Post – WordPress Maintenance Checklist (Infographic)

Since my weblog is running on WordPress, and since about 25% of all websites run on WordPress, I often will post an article on WordPress security.  This guest post is not 100% web site security related, but configuration errors and similar mistakes can create vulnerabilities that often lead to an intrusion or breach.  Good website maintenance is an import part of the security ...

Continue Reading →
0

Guest Post – Cybercriminals Like Going Mobile Too

It’s something that we hear a lot about – mobile devices have become an integral part of our society. Can you remember the last time that you switched your phone off for the weekend? Can you even imagine not having your phone with you all the time? If you’re like most people, the idea is ludicrous. We keep everything on our phones.

It’s convenient for us – you don’t have to boot ...

Continue Reading →
0

New WordPress Security Options

I have developed some expertise around the area of WordPress security.  One of my clients has a WordPress site under development, and recently the web designer changed the name of the login URL from https://clientsite.com/wp-admin to https://clientsite.com/A9u3ycGH37.  Basically, the wp-admin page name had been replaced with random characters.  I found out when I tried to log in using the usual URL.  I wondered ...

Continue Reading →
1

Stupid Politicians – Australia Edition

Thank God this hasn’t happened here in the United States (yet).  It is not for lack of trying by US law enforcement agencies, though.  What am I talking about?  Australia recently passed the controversial and totally STUPID anti-encryption law called Telecommunication & Other Legislation Amendment (Assistance & Access) Act of 2018 (TOLA).

TOLA is supposed to ...

Continue Reading →
1

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Tech Trends in 2019

Information on trends in technology for drones, security robots, artificial intelligence, security smart homes, and securing IoT.


Feds can’t force you to unlock your phone with finger or face, says judge

The landmark decision asserts the same 4th and 5th amendment legal protection for biometrics that we’re given for passcodes.


Continue Reading →
0

Chinese Attacks Against MSPs and IT Support Companies Puts Clients At Risk

US-Cert recently released the following warning to businesses, governmental units, and other organizations who contract their computer support to computer support companies that are known as Managed Service Providers or MSPs.  An MSP provides support principally by using remote monitoring, remote access, and remote control software products.  They install a monitoring tool called an “agent,” and a command and control device on the ...

Continue Reading →
2

Better Two-Factor Security from Google Titan

This article is an amusing collision between our last two topics – the problems with two-factor and multi-factor authentication and our four-part story on Google’s data mining habits.  Google has developed and released their Titan MFA security key as a more secure way to implement multi-factor authentication that can’t be attacked through phishing and man-in-the-middle exploits.  So if you can stand ...

Continue Reading →
0
Page 1 of 21 12345...»