My uncle sent me this image, and I added it to my Pinterest account. Health tips from someone who has made a long run are always good.
This is the time of the year everyone writes either a year in review article, or a what’s coming in the new year post. Guess which one this is? I’ve been reading the pundits, and considering my own findings as a cybersecurity professional. I pulled together the following list for your review, and to help you plan where to spend your time, talent, and budget in 2017.
- Continued issues with crypto-ransomware in ...
DEC
Cybersecurity professionals are in agreement. The Russians appear to have been actively engaged in influencing the outcome of our recent Presidential election. Specifics include compromising and taking over Hilary Clinton’s chief of staff, John Podesta’s personal Gmail account. This spear phishing exploit used a “near-miss” domain name of “accounts.googlemail.com” to trick John into clicking on a link and and entering his email credentials. The real domain name is accounts.google.com.
There was also ...
Continue Reading →DEC
The FBI recently reported on arrests of a number of lottery scammers in what they call “Operation Hard Copy.” We do like to report when cyber-criminals are arrested, prosecuted, and jailed, because it shows that stopping cyber-crime is not impossible. But it is almost always a multi-national, multi-jurisdictional undertaking that requires the cooperative efforts of law enforcement from several countries.
What I found most interesting was the way that this ...
Continue Reading →DEC
Yesterday I released a post before it was fully baked. I publish 3 times a week, and generally I have articles written several weeks ahead, but my schedule has caught up with me, and I have nothing in the hopper. I’ll have to get busy over the Christmas holiday weekend.
Please come back Friday for the complete article.
Continue Reading →DEC
If Santa brings you a bunch of new electronic toys for Christmas, take an extra moment to secure them properly. Many new devices will work fine straight out of the box, but this usually means they are set up with very insecure manufacturer defaults. Here are our tips:
- Default passwords – Always take a moment to replace the default user name and password (often just “admin” and “password”) with something more secure. Passwords should ...
DEC
This actually is in the “good news” department. The some security folks at Facebook are scouring the Dark Web, looking for rainbow tables of user names and passwords in order to find Facebook users who may be reusing the same password on multiple sites. As we have discussed here many times, password reuse creates a serious security vulnerability. If the cyber-crooks have your password for one site, they will try it on ...
DEC
There is a lot of talk in the cybersecurity world about Industrial Control Systems (ICS) and Supervisory Control And Data Acquisition (SCADA) systems that run the US power grid, water utilities, gas piplines, oil refineries, and countless factories. We discussed how all this might play out in the electrical grid when I reviewed Ted Koppel’s new book Lights Out.
We saw the kind of damage that an IoT botnet ...
Continue Reading →DEC