Archive for the ‘Internet’ Category

This Phishing Scam Email Is Legit

Tuesday, April 16th, 2013

I recently finished reading Mandiant‘s fantastic APT1 Report. One of the gems is on page 29, which details some of the tactics used by phishing attacks carried out by APT1, (speculated to be the elite cyber-attack wing of the Chinese military). (more…)

No, You Do NOT Want Your Employees’ Passwords!

Thursday, March 7th, 2013

We have several clients who have stated that they “need to have all employees’ passwords.” They don’t, and furthermore, after a brief explanation, they realize they don’t want them either. Here’s why.

(more…)

Evernote Hacked, Too

Tuesday, March 5th, 2013

This weekend, Evernote announced that they were hacked, joining Apple, Facebook, Microsoft, and NBC. All this in the first quarter of 2013!

Below is an email that was sent to all Evernote users, informing them of the event, and steps Evernote took to safeguard their users’ data. (more…)

Facebook is Agent Smith from the Matrix

Friday, February 22nd, 2013

agent_smithDo you remember Agent Smith from “The Matrix?” These guys were pretty scary. They could move with blinding speed, possessed superhuman strength and reflexes, and, scariest of all, if you killed one, he could suddenly reincarnate as anyone… anyone else around you. There was no way to tell if the innocent grandmother or fruit vendor you were talking to would suddenly morph into an Agent and shoot you on the spot. And the same is true of all of those websites that you visit every day. (more…)

Time to Change Your Skype Password

Monday, December 3rd, 2012

Skype recently issued an advisory and fixed a bug which could allow anyone who knew a Skype user’s email address to change said user’s Skype password. While Skype has issued a statement saying that only a small number of users were affected, it is recommended that all users (this means you, too) change their Skype password. (more…)

Redundant Internet Connections: Something To Be Thankful For

Thursday, November 22nd, 2012

Turkey!As I write this on Thanksgiving Day, I am thankful for family, friends, my health, prosperity, and my redundant Internet connection. (more…)

Why You Need At Least Two Web Browsers

Friday, September 21st, 2012

Recent security holes with Oracle’s Java and Microsoft Internet Explorer have underscored the need for two web browsers (or two different computers) to separate your business processes while surfing the Internet. (more…)

LinkedIn Scam of the Day

Tuesday, September 4th, 2012

We recently handled an incident response case where our client was infected by malware which was delivered by email. The client plead ignorance, and asked “how can we tell what is real and what is a virus?” Here’s a quick tip to do just that!

For starters, several email clients and web browsers will show you the address of a link before you click on it… provided you take a few seconds and look before clicking! Most people just click away without giving a second thought, which is like running out across the street and then, if ever, looking to see if there is any oncoming traffic, so try to resist that urge and put safety first.

Here’s a sample “LinkedIn” notification I just received.

Suspicious "LinkedIn" Email

(more…)

How Old Is Your Password?

Tuesday, August 14th, 2012

Here’s a quick self-assessment on your password. Please take 1 minute to answer the questions on our brief password age survey, and we’ll report the findings back here soon.

Thanks!

I’m Not Worried About Security – I trust [Insert Big Company Name]

Tuesday, August 7th, 2012

Over the years, there have been many times when I’ve heard the phrases “I’m not worried about security” or “I trust” followed by “Facebook,” “Microsoft,” “Amazon,” “Google,” “Apple,” or any number of other large companies that hold on to a large amount of customer data. This article, written by Gizmodo’s Mat Honlan, should give anyone who trusts their security to another company second thoughts. (more…)