Shut Off The Engine! Default Passwords Can Disable Your Car!
Abuse of default passwords has gotten worse since I first posted about it here five years ago. Threatpost recently posted an article discussing the issue of passwords for IoT (Internet of Things) devices. Because, for example, networked doorbells don’t have a way for the owner to enter a unique, secure password and often communicate unencrypted, […]
Another Breach of Data Stored In The Cloud. Please stop.
I have a love-hate relationship with ”the cloud”. I love how easy it is to create services, easily access software and data, and I love the easy sharing of data. But I seriously hate how easy it is to unintentionally expose data that should remain confidential. In April of this year, the Telegraph reported on […]
Physical Security is Still Important, Maybe it is More So Than Ever Before
I taught Learning Tree’s Cyber Security Introduction from my office studio recently. The course participants had one thing in common with every other group to which I’ve delivered that class: they really weren’t interested in physical security. I tried to change their minds. Along with the usual activity where a Windows device is booted from […]
Vulnerability Scanners: How Helpful Are They?
Many of you must follow formal cybersecurity requirements. PCI DSS, if you accept credit or debit cards. HIPAA, if you store or process health care data. Then, if you’re with the Department of Defense or other U.S. Government agencies, there are more detailed configuration requirements. In theory, you could just read the requirements and then […]
The Brave Web Browser: Faster and More Secure
It is a Brave new (browser) world out there. Almost since the start of the World Wide Web, users have had different preferences of how to access it. Some like Firefox, some Safari, some Chrome, some Opera, some Chrome, some… You get the picture. The “browser wars” ebb and flow in intensity. A relatively new […]