Tag archive: security

Security, Privacy and IoT: The Week of February 13th

I’m experimenting with compiling a list of interesting articles each week – I’ll compile a list of articles that caught my eye. I’m trying to keep this quick and maintain a high signal-to-noise ratio.

Security

Adobe Flash Critical Security Update

Adobe has released Flash Player version 24.0.0.221 for Windows, macOS and Linux. It fixes “critical vulnerabilities that could potentially allow an attacker to take control of the affected system”. If you have Flash installed on your computer, update it immediately. Also update Chrome.

Except for the copy of Flash that comes with Chrome, I haven’t had Flash installed on my Mac in years and I don’t miss it at all.

https://helpx.adobe.com/security/products/flash-player/apsb17-04.html

Continue reading

Another Day, Another Massive Password Dump

Password Dumps: How To Protect Yourself

By now you’re probably used to reading about web sites getting broken into, exposing millions of accounts.

The information that crackers get varies… they may get email addresses and encrypted passwords. It may be your IP address, name, plain text password, credit card information, social security number… it all depends on what  the site collects and how they secure it.

This time around Adult Friend Finder was breached, exposing 340 million accounts as well about another 73 million accounts on other sex-related sites.

Continue reading

SMS two factor authentication

Two Factor Authentication, SMS and NIST

How many movies and TV shows have you seen where asks somebody else about a secret that they share? If they give the right answer, their identity is confirmed. If they don’t, they’re an imposter, an alien from Planet X in disguise.

Shared secrets are the basis of authentication in computer security. And two shared secrets – two factor – are even better than one, especially when the first is a password that many people have difficulty managing in a secure way. This is what we’re doing when we use both a password and a code that’s texted to us. And this week, we got told to stop using text messages for the second secret.

Continue reading

Stream: A Black Box for WordPress Security

You’re searching your blog for spam for the fourth time in the last few days. Not only can’t you figure out how the spammer keeps getting in, you also can’t figure out what they’re trying to sell with the mangled English in their posts… hand bags? sports drinks? Something with too many consonants and not enough vowels?

If only your web site had some kind of “black box” so that you could find out what they’re doing to post the spam.

Continue reading

%d bloggers like this:
var _gaq = _gaq || []; var pluginUrl = '//www.google-analytics.com/plugins/ga/inpage_linkid.js'; _gaq.push(['_require', 'inpage_linkid', pluginUrl]); _gaq.push(['_setAccount', 'UA-239812-12']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://' : 'http://') + 'stats.g.doubleclick.net/dc.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })();