Posted in hacks online security privacy worst practices

Bad biometrics: Samsung’s new S10 phone

When biometrics work properly, they can provide you with an easy to use security solution with a reasonable level of…

Posted in authentication online security social engineering worst practices

Comcast assigned every mobile customer the same unchangeable PIN to protect against SIM hijack attacks: 0000

If someone wants to steal your phone number — say, to intercept the two-factor authentication SMSes needed to break into…

Posted in authentication CSO online security worst practices

Two factor authentication on web apps should be the default

tl;dr – If you are using Microsoft Office 365 (or any other hosted email solution) and have not enabled two…

Posted in hacks online security social engineering worst practices

The other big hack of 2016?

According to CSO Online, someone is offering for sale what they claim is a 6GB file of “data enrichment” information…

Posted in deep thoughts hacks Paranoid Peeps privacy worst practices

In DPRK, Linux Watches You

A presentation from this past week’s Chaos Computer Congress shows how totalitarian states (like, in this case, North Korea) can…

Posted in law worst practices

your passcode can take the fifth, but not your finger

Now, here is a head scratcher… a circuit court in Virginia has ruled that while law enforcement cannot force you…

Posted in hacks worst practices

hacking wifi via lightbulbs?

While the “Internet of Things” has great potential, it also opens up new attack surfaces for those with nefarious intent to…

Posted in hacks worst practices

so… about that hedge fund hacking story…

  An update on the “hedge fund hacking” story from a couple of weeks ago… it appears that this attack…

Posted in best practices online security worst practices

apple security fail leaves email attachments unprotected

One of the nice things about Apple’s iOS platform is the “hardware level encryption” that protects “all of the information…

Posted in risk systemic risk worst practices

how not to do a risk assessment

So, the risk management mavens for the City of Portland, Oregon have provided us all with an object lesson in…