000Webhost Loses Plaintext Passwords

000WebHost

This comes under the heading of “know who you are doing business with.”  Web hosting company 000webhost.com was breached this week and over 13 million customer records were stolen and posted for sale on the Internet.  The data includes customer names, emails and passwords in plaintext  (meaning the passwords were unencrypted).  Storing passwords in an unencrypted form should be a criminal act in itself, ...

Continue Reading →
0

Scary Disguises Hide Malware Too

goblinIt’s Halloween tomorrow, the traditional time when we dress up in scary or not-so scary costumes to disguise our identity and trick our friends and family.  It’s good to remember that malware often uses disguises to trick us into committing an action that releases the attack.  What follows are my scary Halloween stories.

  • Social Engineering – In this exploit the attacker may present themselves in person, over the phone, or by ...
Continue Reading →
0

Really Secure Email

ProtonMailOK, so Monday I lampooned the Director of the CIA for using AOL email to transmit top secret CIA files (yikes).  And of course we all remember the Hillary Rodham Clinton kerfuffle over her use of her own private email service to transmit State Department documents (better).  One has to assume that this pretty flagrant violation of what has to be well known government policies by people who probably know better ...

Continue Reading →
0

Top Cybersecurity Threats in 2015

penetration_test_436x270The cybersecurity threat surface is constantly changing.  Below are listed the top areas of concern among cybersecurity experts.  Some are new, and some have been around seemingly forever.

New Threats

  • Emerging technologies and the Internet of Things (IoT).  It seems that all of our new toys are Internet enabled in some way, and many of these devices present a new attack surface for cyber-criminals. ...
Continue Reading →
0

Please Stop Falling For Tech Support Scams

STOP THE MADNESS!!  It drives me crazy when a client calls me AFTER spending an hour on the phone with some tech support scammer, and then thinks to call me after they have a problem “fixed” that they never had in the first place.

One of my clients recently fell for an interesting variation of the Tech Support Scam.  She did a Google search to find the HP technical support number, but the company she called, while at the top of ...

Continue Reading →
0

Wi-Fi Sense or Nonsense?

The newly released Windows 10 operating system comes with a feature called “Wi-Fi Sense” that I think is pretty questionable from a security standpoint.  The basic idea is that, under Windows 10, when you connect to a wireless network for the first time, you have an opportunity to “share” you new wireless connection with your family, friends, and coworkers. I consider this be to a security concern.  The problem as I see it is that you share your connection to ...

Continue Reading →
0

Sunday Funnies: Bacon!

baconLoved this sign from Buzzfeed by way of Pinterest.

 

Made me think of my favorite Parks and Recreation quote:

“I enjoy government functions like I enjoy getting kicked in the nuggets with a steel toed boot. But this hotel always served bacon wrapped shrimp. That’s my number one favorite food wrapped around my number three favorite food. I’d ...

Continue Reading →
0

FBI Warns About IOT Vulnerabilities

IOTOne of the major trends in technology is the proliferation of smart devices, also known as the Internet of Things (IOT).   The FBI recently released a public service announcement titled “Internet of Things Poses Opportunites For Cyber Crime.”  More and more devices are are coming with software, processors and network capability, and connecting to our home and ...

Continue Reading →
0
Page 1 of 2 12