Category: online security
Great resource for configuring TLS
OK, let’s admit it – issues around cryptography are the most complex and confusing part of information security. Aside from all that math, there are…
How authentication methods stack up
Here’s a nice resource from iDaptive’s blog on the relative merits of various common types of authentication technologies – interesting quick read.
Attack on encrypted PDFs exfiltrates clear text data
Here’s a quite clever hack… German security researchers have found a way to exfiltrate the contents of encrypted PDF files without breaking their encryption. Because…
NIST & Microsoft partner for patching pointers
The US Government’s National Institute of Standards and Technology and 8,000,000 pound gorilla Microsoft are working together to provide industry with definitive guidance on keeping…
Is Business Email Compromise a “cyber attack?”
Just what constitutes a cyber attack? That’s the question facing a court in a case brought against insurer AIG. One of the firm’s clients was…
An example of a clear and concise incident report
This incident report from the Australian National University is definitely worth a read, both as an interesting look into the mechanics of a systems compromise…
WordPress wants sites to eat their (patching) vegetables
Apparently. over a third of the web sites on the Internet (including this one) run the WordPress content management software package. Natch, this makes WordPress…
Good privacy advice from the US DoD
The US Department of Defense has put out a nifty guide on how to protect your privacy on social media sites such as Facebook, Instagram,…
Bad biometrics: Samsung’s new S10 phone
When biometrics work properly, they can provide you with an easy to use security solution with a reasonable level of assurance for most types of…
Time to end the cloud-o-phobia
Sorry, but I felt no need to purchase a monocle so I could have it pop out of my eye in horror/dismay/astonishment when I read…