Posted in best practices hacks online security Paranoid Peeps systemic risk

WordPress wants sites to eat their (patching) vegetables

Apparently, over a third of the web sites on the Internet (including this one) run the WordPress content management software…

Posted in best practices online security Paranoid Peeps privacy social engineering useful stuff

Good privacy advice from the US DoD

The US Department of Defense has put out a nifty guide on how to protect your privacy on social media…

Posted in CSO deep thoughts insider threat Paranoid Peeps

Naming and shaming

So here’s a bit of an odd story… according to the Financial Times, the US Federal Reserve has publicly sanctioned…

Posted in best practices CSO deep thoughts hacks risk systemic risk

So your third party has been breached…

Another day, another third party security compromise story… this time it is Indian outsourcing giant Wipro. The firm has confirmed…

Posted in hacks insider threat Paranoid Peeps politics social engineering

Grindr and US national security

Here’s an interesting development… the US federal agency which reviews foreign investments in US companies has ordered a Chinese firm to…

Posted in hacks online security privacy worst practices

Bad biometrics: Samsung’s new S10 phone

When biometrics work properly, they can provide you with an easy-to-use security solution with a reasonable level of…

Posted in best practices cloud computing online security

Time to end the cloud-o-phobia

Sorry, but I felt no need to purchase a monocle so I could have it pop out of my eye…

Posted in best practices online security social engineering useful stuff

Security risks from domain typo squatters

One of the ways that hackers get users to click on malicious links or believe false emails is to use…

Posted in authentication online security social engineering worst practices

Comcast assigned every mobile customer the same unchangeable PIN to protect against SIM hijack attacks: 0000

If someone wants to steal your phone number — say, to intercept the two-factor authentication SMSes needed to break into…

Posted in online security

The war we try to ignore

As information security professionals, our goal is to protect information against attacks on confidentiality, integrity and availability. Today, I want…