If your business accepts credit cards for payment, then your a subject to the regulations of the Payment Card Industry. This is known as PCI-DSS Compliance. PCI compliance company Security Metrics recently released an infographic that shows the main compliance failures that lead to credit card breaches in 2017. Here are some of the startling take-aways:
When you see the secure HTTPS protocol at the beginning of a web address, or see the green “secure site” padlock symbol, does this mean that the site is safe? Unfortunately, the answer is NO. There is some confusion among computer users about what HTTPS really means. This confusion is being exploited by cyber-criminals running phishing exploits.
HTTPS or secure hypertext ...
Continue Reading →
The rare Tuesday post to advise about an impending event. Tomorrow there is a triple lunar event. A blue moon, which is when the moon appears twice in the same calendar month, a super moon, which is when the moon is closest in its rather wobbly orbit around the earth, and a blood moon, which is a lunar eclipse event when the moon passes through earth’s shadow, and the color ...
The most devastating exploit that can happen to you is to have your email account hijacked. We have spilled a lot of pixels on this subject (see below). The reason we find this so dangerous is that it is that this is the attack most likely to happen to you.
Google recently released a study that analyzed how Gmail accounts are hijacked. If you have an Android smartphone, you have a ...
Continue Reading →Thanks to Dimitrios Hilton for sending this out to me.
What is the biggest security threat to our society this week? Is it Spectre and Meltdown???
Or is it something else? Tide pods?
And ...
Continue Reading →
A quick Saturday digest of cybersecurity news articles from other sources.A paper at Schmoocon DC over the weekend revealed a delightful cryptogram on William and Elizebeth Friedmans’ tombstone. This is a fun story and will introduce you to the Bacon cypher.
Phishers are using the hot ...
Continue Reading →
Every year some pundit declares that the password will soon be dead. I have been proclaiming for several years now that the password, by itself, is no longer a suitably strong form of security, and have been a champion for two-factor authentication.
Microsoft has recently stated that their Windows Hello facial recognition system is a suitable replacement for passwords. Windows Hello ...
Continue Reading →
As long as we are on the subject of election rigging and tampering, it is notable that Congress has finally weighed in on the subject of insecure and hackable electronic voting machines. According to a recent TechDirt article, “A new bipartisan bill has been introduced, called the Secure Elections Act, that would actually ...
I recently caught a story on the BBC World News via PBS. Anders Thornberg, the director of Swedish Security Services (SAPO) was accusing the Russians of engaging in social media driven misinformation campaign very similar to what happened in recent elections in France and Germany, and in the US during the last Presidential Election. Evidently Putin is concerned that Sweden may join NATO, and is actively campaigning for candidates who are opposed to NATO.
Just don’t play it too late at nightSleep apnea can not only cause annoying snoring, but the associated lack of sleep can drive people crazy or even kill them. Treatments often include bulky continuous positive airway pressure devices that pump air into a person’s throat to keep their airway open. But an ancient Australian instrument has turned out to be a much ...
Continue Reading →