
Yet Another IoT Device with Hardcoded Credentials

Last month the Mirai botnet took down Twitter, Amazon and hundreds of other web sites by compromising cheap Chinese web cams and weaponizing them.  While the attack was very interesting and could have been a lot worse, I attributed it to it being a cheap Chinese web cam.  Hundreds of thousands of them. Now an […]


The Safety Of Using Your Facebook ID To Sign On To Other Websites

UPDATE: Apparently PayPal was one of the companies affected by some of these OAuth security holes and they just released a fix (Dec 1, 2016) for a bug that would allow hackers to steal OAuth tokens from payment apps of third-party developers. Many web sites encourage you to sign on with your social media userid […]


Michael Page Recruiting Breach Caused By Operations Error – 750,000 People Affected

Michael Page / The Page Group is a family of international recruiters based in the United Kingdom, operating in 35 countries and employing over 5,000 people. Like many companies, PageGroup outsourced at least part of their IT operations; in their case to another huge firm, CapGemini. Earlier this month, Troy Hunt (a Microsoft MVP and […]


DDoS Attack Turns Off The Heat. In Finland. In the Winter.

The most recent distributed denial of service attack (DDoS) meant that most people could not get to Twitter.  While that was awful and may have forced a few people to actually work instead of tweeting, for the most part, that was not a big deal.  In fairness to the DYN attack, there were actually hundreds […]


A Lawyer’s Job Is Getting Tougher

This post applies to two groups of people: members of a law firm, and clients who share their sensitive information with their law firms. That pretty much means everyone! The American Bar Association model rule of Professional Conduct 1.6 says that “a lawyer shall make reasonable efforts to prevent the inadvertent or unauthorized access, to information […]
