In late 2015 Juniper announced that it had found two backdoors in the router and firewall appliances that it sells. Backdoors are unauthorized ways to get into these systems in a way that bypasses security. Kind of like going around to the back of the house and finding the kitchen door unlocked when no one […]
Continue reading → [DISPLAY_ACURAX_ICONS]Israeli Startup Raises $12.5 Million to Help Governments Hack IoT Given the sad state of IoT security, I am not sure that governments need any help in hacking IoT devices, but just in case they do, Israeli startup Toka raised $12.5 million to help police hack iPhones, Alexas, Echos and Nests, along with other IoT […]
Continue reading → [DISPLAY_ACURAX_ICONS]Last week I started a series on steps to comply with both the E.U.’s General Data Protection Regulation or GDPR and California’s new privacy law, the California Consumer Protection Act or CCPA. To find Step 1, go to this post: https://cybercecurity-mitch-tanenbaum-blog.com/complying-with-gdpr-and-californias-new-privacy-law-ccpa-step-1/ . This week, on to Step 2 – CREATE A VENDOR CYBER RISK MANAGEMENT PROGRAM […]
Continue reading → [DISPLAY_ACURAX_ICONS]As hackers are discovering that some organizations are opting to not pay the ransom after a ransomware attack, either because they have backups or they do not want to support criminals, the criminals are changing tactics – something we warned about months ago. In this case, CarePartners, a home healthcare service provider in Ontario announced […]
Continue reading → [DISPLAY_ACURAX_ICONS]Sextortion is the act of convincing vulnerable people, often teenagers, to provide the sextortionist with sexually explicit photographs and videos under the threat of releasing other embarrassing material, such nude pictures that may already privately exist in the victim’s email, text messages or private social media. The attacker does this by convincing the victim that […]
Continue reading → [DISPLAY_ACURAX_ICONS]Timehop Hack Compromises 21 Million Users In a bit of good news/bad news, the social media time capsule site Timehop said that it was hacked around July 4th, but that they interrupted the hack in progress. Still the hackers got usernames, passwords, email addresses, date of birth, gender, some phone numbers and other information for […]
Continue reading → [DISPLAY_ACURAX_ICONS]