Category: online security

What does your password say about you?

Using what we security experts call “crappy passwords” can be the first step in a journey to identity theft and all of its attendant miseries. …

Continue Reading

E.U. software bug bounties for open source software 👍

Here is a great example of how international cooperation can make the Internet more secure for us all… the European Union has announced “bug bounty”…

Continue Reading

Not all two factor authentication is created equal

Two factor authentication  is an important security tool; by using 2FA, an attacker get ahold of your user name and password still can’t get into…

Continue Reading

Open S3 Buckets: From Bad to Worse

Just when you thought that the whole “globally readable Amazon S3 storage buckets” thing couldn’t get any worse, it did. According to a study by…

Continue Reading

The (not paranoid enough) Android

The train wreck that is Android security continues… A new strain of malware by security firm Wandera found in China has the following charming characteristics,…

Continue Reading

Beware of mobile number port out scams!

I spend a lot of time telling people to use two factor authentication on their important web accounts.  This may explain why I don’t get…

Continue Reading

The ultimate outsider threat?

I know I have been blathering on about insider threats lately, so let’s go to the other extreme – the ultimate outsider threat. A pair…

Continue Reading

Insiders on the outside

Homeland Security Magazine has a very interesting case study on an insider threat case involving DirecTV.  In this case, the insider was a sort-of third…

Continue Reading

Outsourced security program failure leads to $100K regulatory fine

Another reminder of the importance of managing third party vendor relationships… The Commodity Futures Trading Commission fined AMP Global Clearing (an electronic trading firm) $100,000…

Continue Reading

Leaky buckets and acquisition best practices

There are three interesting things for CSOs to think about in this story on a leak of passport and other personal information on tens of…

Continue Reading