Posted in hacks insider threat Paranoid Peeps politics social engineering

Grindr and US national security

Here’s an interesting development…the US federal agency which reviews foreign investments in US companies has ordered a Chinese firm to…

Posted in best practices online security social engineering useful stuff

Security risks from domain typo squatters

One of the ways that hackers get users to click on malicious links or believe false emails is to use…

Posted in authentication online security social engineering worst practices

Comcast assigned every mobile customer the same unchangeable PIN to protect against SIM hijack attacks: 0000

If someone wants to steal your phone number — say, to intercept the two-factor authentication SMSes needed to break into…

Posted in hacks online security social engineering

The ultimate outsider threat?

I know I have been blathering on about insider threats lately, so let’s go to the other extreme – the…

Posted in hacks online security social engineering worst practices

The other big hack of 2016?

According to CSO Online, someone is offering for sale what they claim is a 6GB file of “data enrichment” information…

Posted in best practices CSO deep thoughts malware online security social engineering

no, it’s not the end user’s fault

According to a survey released by endpoint security solution vendor Bromium, 79 percent of surveyed information security professionals view end…

Posted in hacks social engineering

sometimes the “it department” isn’t the it department

For your social engineering reading pleasure… the takeaways? First, operational security is important – this scam worked (at least…