Category: Uncategorized

Old, Old School

Today’s edition of “how in the world is that possible?” I bring you the curious case of the antique shop. Well, the business is not about buying and selling antiques, its a widget (actual line of business obfuscated to protect…

You Always Have Options

A “Florida man” story, ransomware edition: The city manager of Lake City, Joe Helfenberg confirmed that the director of information technology, Brian Hawkins, was fired. The decision comes after a “Triple Threat” cyber attack that disables city servers, phones, and…

Pay the Ransom (Its OK, Really)

Nobody likes to be held hostage. I get it. I do. But when it comes to ransomware I’ve said from the beginning – and now others are starting to say it to – this is not personal: its just business.…

Pay the Ransom #912

Be careful around companies that charge to recover a computer from a ransomware attack. A sting operation has uncovered evidence that one such ransomware recovery provider in the UK has simply been paying off the hackers to release the computers — and…

Write Down Your Passwords

Want to start a security nerd slap fight? Ask two of them their opinions of one of these little gems: For years the conventional wisdom has been: never write down your passwords. Conventional wisdom has also said: use unique, long,…

Do I HAVE to Use a Password Manager?

From a client: I understand the reasons why you recommend the use of password managers. I’m not sure that we’re going to have widespread adoption. As we discussed, my people know how to do their jobs, and things that get…

Pay the Ransom #872

BALTIMORE SAYS IT WILL NOT PAY RANSOM AFTER CYBERATTACK The US city of Baltimore, a victim this month of a cyberattack that paralyzed part of its computer network, will not pay a ransom to undo the damage, Mayor Bernard Young said…

So Much for the Cloud?

Google on Tuesday said that some passwords for its G Suite customers were stored in an unhashed format since 2005. “We are writing to inform you that due to legacy functionality that enabled customer Domain Admins to view passwords, some…

Two-Factor Authentication: Still Better With Than Without It

Google has published the results of a study of the efficacy of standard anti-account-hijacking techniques like two-factor authentication (2FA), secret questions, and passwords: the good news is that when these are used, they are incredibly effective at stopping both automated and targeted…

Free Stuff: Nessus Essentials

COLUMBIA, Md., May 15, 2019 (GLOBE NEWSWIRE) — Tenable®, Inc., the Cyber Exposure company, today announced Nessus® Essentials, an enhanced free version of its market-defining vulnerability assessment solution (formerly Nessus Home). Nessus Essentials is designed to be used by students, professors…