Category: online security
The NYPD (and the rest of us) need some new barricades
Not all security barricades are made of wood. Some are made of bits. According to the New York Post, the New York Police Department ran…
Orvis data leak and the need to monitor ‘paste’ sites
Fishing retailer Orvis had a serious (and embarrassing) data breach recently. Independent security researchers found a posting on text snippet site Pastebin with what appeared…
An unsung cybersecurity hero
Here is some excellent reporting from ProPublica about an unsung cybersecurity hero. Michael Gillespie has helped thousands of people recover their files after they were…
US DoJ guidance on responding to and reporting cyber incidents
When thinking about how to respond to cyber security incidents, you need to think about how your organization will engage with law enforcement – and…
Great resource for configuring TLS
OK, let’s admit it – issues around cryptography are the most complex and confusing part of information security. Aside from all that math, there are…
How authentication methods stack up
Here’s a nice resource from iDaptive’s blog on the relative merits of various common types of authentication technologies – interesting quick read.
Attack on encrypted PDFs exfiltrates clear text data
Here’s a quite clever hack… German security researchers have found a way to exfiltrate the contents of encrypted PDF files without breaking their encryption. Because…
NIST & Microsoft partner for patching pointers
The US Government’s National Institute of Standards and Technology and 8,000,000-pound gorilla Microsoft are working together to provide industry with definitive guidance on keeping…
Is Business Email Compromise a “cyber attack?”
Just what constitutes a cyber attack? That’s the question facing a court in a case brought against insurer AIG. One of the firm’s clients was…
An example of a clear and concise incident report
This incident report from the Australian National University is definitely worth a read, both as an interesting look into the mechanics of a systems compromise…