Windows 10 S – The S is for Security

Are you sick and tired of having to have your computer restored after every malware infection?  Looking for a way to fend off crypto-ransomware attacks for good?  Then Windows 10 S may be for you.

Windows 10 S is a new, stripped down and hardened version of the popular operating system.  This is a great option for computer users who mostly use computers for searching the web and reading email.  The only ...

Continue Reading →
14
JUN
0

Computers and Internet, cybersecurity, ransomware, Windows 10

Another Lottery Scammer Nabbed by the Feds

We have reported previously about Operation Hard Copy.  This is from the US Department of Justice: The US Marshall’s Service arrested another member of the North Dakota lottery scam in Jamaica recently.

“United States Attorney Chris Myers announced today, that the U.S. Marshals Service, working with Jamaican law enforcement, has located and apprehended another man charged with participating in an international organized crime advance fee “lottery scam” which defrauded at least 90 ...

Continue Reading →
12
JUN
0

law and policy, Security, social engineering

Sunday Funnies: The Pun-Off

On May 13, in Austin, Texas, the 40th Annual O.Henry Pun-Off Championship was held.  Since I love puns, and am frequently guilty of punning in public, I thought this was an interesting tid-bit to pass along.  Enjoy!  (or not)

Be Sociable, Share!

Compliance is not Security

I am often asked to explain the difference between a security compliance audit, a vulnerability assessment, and a penetration test.  These exercises do many of the same things, but to a different degree.  A security compliance audit is like a 5K fun run, where a vulnerabilty assessment is more like a marathon.  A penetration test is an iron man competition.

In the course ...

Continue Reading →
9
JUN
0

compliance, Computers and Internet, cybersecurity, law and policy, Security

Tax Dollars At Work: FTC and US-CERT Resources for SMBs

US-CERT sent an announcement on May 9th about new resources for small and medium size business owners and managers.  Protecting Small Businesses can be found on the FTC website.  It includes information about:

  • Protecting your business from scams
  • Cybersecurity
  • Data breach response
  • Protecting personal information

There are also helpful videos about:

  • Building security into software development
  • Controlling access to data
  • Defending against ...
Continue Reading →
7
JUN
0

cybersecurity, law and policy, Security

Should Facebook Manage Password Recovery?

Back on February 22nd, we discussed Facebook’s new Delegated Account Recovery feature.  Basically, if you should for some reason forget your password to any account, or lose your two-factor authentication device (smartphone), and can no longer get into your account, Facebook will help you recover the account, as long as it is one that is enrolled with Facebook.

This is not the same thing as password managers like DashLane or LastPass, ...

Continue Reading →
5
JUN
0

authentication, Computers and Internet, cybersecurity, passwords, Security, smartphones

Hacker Tools for Pen Testing

On Wednesday we took a look at a collection of mostly web-based reconnaissance tools.  Today we are taking it to the next level and actually attempting to find and exploit vulnerabilties.

Kali Linux – This is a pen-testers version of Linux that comes fully loaded with over a hundred testing applications.  Kali can be installed in any  old laptop you have laying around, installed as a virtual ...

Continue Reading →
2
JUN
0

cybersecurity, Linux, Security, WordPress

Hacker Tools for Information Gathering

When starting an security assessment or penetration test with a new client, often the first step is information gathering or reconnaissance. Sure, you could just ask the client for the information you want, but where’s the fun in that?  Here is a list of tools to use to find information that they may not know is publicly available.

Google hacking or Google “dorks” – Johnny Long literally wrote the book about ...

Continue Reading →
31
MAY
0

cybersecurity, Security, surveillance

What Are You Letting OUT of Your Network?

I had an interesting question from a client last month.  They were looking for guidance on “egress filtering.”  Egress filtering is the concept of tuning your perimeter defenses (firewalls, routers, IDS*, and UTM* devices) to review and restrict the flow of information that is leaving your network.

Historically, most perimeter defenses are are designed to keep ...

Continue Reading →
29
MAY
0

Computers and Internet, cybersecurity, Security

Page 175 of 278 «...150160170173174175176177...»