Everybody’s passwords have been stolen. Now criminals are reusing passwords on other sites. Github responds. LinkedIn responds. Could we?
Watch more videos on my YouTube channel.
Archive for June, 2016
Stuck in Traffic – BadBlock Ransomware
Posted byI miss the good old days, when ransomware was left to the professionals and only encrypted data files. Not like BadBlock and these newer round of malware. Those were simpler times.
Watch more videos on my YouTube channel.
Stuck in Traffic – Blame the Victim
Posted bySomeone called the help desk with a phish? Laugh at them for falling for it. Some firm got breached? Post it to Facebook and enjoy the schadenfreude. That’s often how the IT security community and industry responds. So how’s that working for us?
Watch more videos on my YouTube channel.
Stuck in Traffic – Stopping Work that looks like Work
Posted byWhen work looks like work, work gets done. Good news for the IT security team. But what if the work is criminal? Today, a story from 0ddJ0bb on how fraudsters used the principle to steal bitcoin.
Watch more videos on my YouTube channel.
Stuck in Traffic – What next?
Posted byWhen checking for compromise, measuring security maturity, and doing penetration testing … what do you do first?
Watch more videos on my YouTube channel.
Stuck in Traffic – The Unencrypted Millions
Posted byRapid7 scans the Internet and find millions of unencrypted services. Telnet, databases, printers, and file shares. Welcome to the 1990’s internet, today.
Watch more videos on my YouTube channel.
Stuck in Traffic – Redundancy Encryption
Posted byWe encrypted the Web traffic. And then decrypted it across the firewalls. We encrypted the files. And then decrypted them to load databases. We encrypted the disks. Wait. But we decrypted on boot. And this is why we need redundant encryption controls.
Watch more videos on my YouTube channel.
Stuck in Traffic – Redundancy in Encryption
Posted byhttp://youtu.be/xvbSjij9_T8
We encrypted the Web traffic. And then decrypted in across firewalls. We encrypted the files. And then decrypted to load databases. But we encrypted the disks. Wait. Then we booted up and decrypted it. And this is why we need redundant encryption controls.
Watch more videos on my YouTube channel.
Stuck in Traffic – Ransomware Bypassing EMET
Posted byA new version of Angler, used for ransomware, is taking advantage of Flash and Silverlight to bypass EMET’s memory protection. So should we abandon EMET altogether or what?
Watch more videos on my YouTube channel.
Stuck in Traffic – DRM, IRM, DLP, ETC
Posted bySetting up rights management and loss prevention for secure file exchange. Hardening the circadian rhythms of our organizations.
Watch more videos on my YouTube channel.