This is What Spies Do It has come out that western (read one or more of the five eyes countries) inserted malware into Yandex (Russia’s equivalent of Google) in order to steal administrative credentials. The purpose was, apparently, to read emails of interest to the western spies. We need to understand that we do it […]
Continue reading → [DISPLAY_ACURAX_ICONS]Okay, this is going to take a little bit of explaining so bear with me, but it is important. Everyone knows about the padlock in their browser with says that the traffic to that web site is encrypted using Secure Sockets Layer (SSL) encryption, which has now been upgraded to Transport Layer Security (TLS). The […]
Continue reading → [DISPLAY_ACURAX_ICONS]In the absence of the federal government doing anything useful when it comes to cybersecurity or privacy laws, the states are left to their own ways to implement a patchwork of laws. Here is what they are doing right now. The impact rating is my own. Illinois SB 1624 – This bill requires businesses that […]
Continue reading → [DISPLAY_ACURAX_ICONS]Internet of Things (IoT) and the Industrial version (IIot) are kind of like the wild west at the moment. People and businesses are deploying IoT and IIoT devices at an incredible rate. Estimates are that there will be tens of billions of them deployed over the next few years. But that doesn’t help the security […]
Continue reading → [DISPLAY_ACURAX_ICONS]Asus Was Not Alone I wrote about the Asus supply chain attack in March (search for Asus in the blog search box). Attackers, somehow, compromised the development environment, injected malware and allowed the system to compile, digitally sign and distribute it through the software update process. Hundreds of thousands of clients were infected as a […]
Continue reading → [DISPLAY_ACURAX_ICONS]There is a great piece on ZDNet today about a writer who’s phone number was stolen (not the phone, the number) using a SIM swap attack. In this case, the phone company was T-Mobile and all the hacker had to do is call them, given them a bit of the victim’s information (like secret stuff […]
Continue reading → [DISPLAY_ACURAX_ICONS]