Category: worst practices

Snail mail hacking

Some of the most effective hacks don’t require the attacker to touch your computer. This article from Flashpoint provides some insight into how criminals are…

Continue Reading

Something about (Japanese) foxes and hen houses

Not strictly a security story, but interesting and alarming… Japanese authorities have decided that: It is permissible to make contributions to politicians using cryptocurrencies like…

Continue Reading

Is Business Email Compromise a “cyber attack?”

Just what constitutes a cyber attack? That’s the question facing a court in a case brought against insurer AIG. One of the firm’s clients was…

Continue Reading

Bad biometrics: Samsung’s new S10 phone

When biometrics work properly, they can provide you with an easy to use security solution with a reasonable level of assurance for most types of…

Continue Reading

Comcast assigned every mobile customer the same unchangeable PIN to protect against SIM hijack attacks: 0000

If someone wants to steal your phone number — say, to intercept the two-factor authentication SMSes needed to break into your bank account or other…

Continue Reading

Two factor authentication on web apps should be the default

tl;dr – If you are using Microsoft Office 365 (or any other hosted email solution) and have not enabled two factor authentication, you are bad…

Continue Reading

The other big hack of 2016?

According to CSO Online, someone is offering for sale what they claim is a 6GB file of “data enrichment” information pertaining to over 200 million…

Continue Reading

In DPRK, Linux Watches You

A presentation from this past week’s Chaos Computer Congress shows how totalitarian states (like, in this case, North Korea) can leverage open source software in…

Continue Reading

your passcode can take the fifth, but not your finger

Now, here is a head scratcher… a circuit court in Virginia has ruled that while law enforcement cannot force you to reveal the passcode for…

Continue Reading

hacking wifi via lightbulbs?

While the “Internet of Things” has great potential, it also opens up new attack surfaces for those with nefarious intent to exploit.  A good example of…

Continue Reading