Category: best practices
An example of a clear and concise incident report
This incident report from the Australian National University is definitely worth a read, both as an interesting look into the mechanics of a systems compromise…
Good security advice from down under
For many organizations, especially small businesses, the thought of starting any kind of cyber security program can seem daunting. With all of the threats out…
WordPress wants sites to eat their (patching) vegetables
Apparently. over a third of the web sites on the Internet (including this one) run the WordPress content management software package. Natch, this makes WordPress…
Good privacy advice from the US DoD
The US Department of Defense has put out a nifty guide on how to protect your privacy on social media sites such as Facebook, Instagram,…
So your third party has been breached…
Another day, another third party security compromise story… this time it is Indian outsourcing giant Wipro. The firm has confirmed that a small number of…
Time to end the cloud-o-phobia
Sorry, but I felt no need to purchase a monocle so I could have it pop out of my eye in horror/dismay/astonishment when I read…
Security risks from domain typo squatters
One of the ways that hackers get users to click on malicious links or believe false emails is to use domains that look like, but…
Even with security flaws, you should be using a password manager
Yesterday, the Washington Post ran an article about some important security research on password managers, describing a number of serious vulnerabilities in some of the…
What does your password say about you?
Using what we security experts call “crappy passwords” can be the first step in a journey to identity theft and all of its attendant miseries. …
Insiders on the outside
Homeland Security Magazine has a very interesting case study on an insider threat case involving DirecTV. In this case, the insider was a sort-of third…
