Category: best practices
WordPress wants sites to eat their (patching) vegetables
Apparently. over a third of the web sites on the Internet (including this one) run the WordPress content management software…
Good privacy advice from the US DoD
The US Department of Defense has put out a nifty guide on how to protect your privacy on social media…
So your third party has been breached…
Another day, another third party security compromise story… this time it is Indian outsourcing giant Wipro. The firm has confirmed…
Time to end the cloud-o-phobia
Sorry, but I felt no need to purchase a monocle so I could have it pop out of my eye…
Security risks from domain typo squatters
One of the ways that hackers get users to click on malicious links or believe false emails is to use…
Even with security flaws, you should be using a password manager
Yesterday, the Washington Post ran an article about some important security research on password managers, describing a number of serious…
What does your password say about you?
Using what we security experts call “crappy passwords” can be the first step in a journey to identity theft and…
Insiders on the outside
Homeland Security Magazine has a very interesting case study on an insider threat case involving DirecTV. In this case, the…
Leaky buckets and acquisition best practices
There are three interesting things for CSOs to think about in this story on a leak of passport and other…
Great DerbyCon talk on hunting for the bad guys
It sometimes seems to me that a lack of data is not the issue when patrolling your networks for signs…