720-891-1663

Backups Are Your Best Friend – Or Worst Nightmare

CSO Magazine has an interesting article on home and small office backups (see article). Many “private cloud” backups allow you to backup your files to a device on your local network and access your backups anywhere you have access to the Internet.  Sometimes, that was not even intended, but due to misconfiguration or bad default […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Google Declares War. On Ad Injectors!

Ad injectors are usually implemented as browser add-ins that place their own ads on web pages that you visit.  These adds could replace existing ads or insert new, additional ads.  The can also inject malware into your computer. Google worked with a team of researchers at the University of California at Berkeley and found 200 […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Administrator Accounts

UPDATE:  For those of you who are Mac users and laughing at the poor Windows users, this affects you too.  The Rootpipe malware silently escalated its privileges to your maximum privileges to launch an attack on your system.  Apple just recently fixed this, but ONLY FOR THE CURRENT VERSION OF OSx – apparently, it was […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Retailers Ask Congress To Fix The Cyber Security Problem

The National Retail Federation, in testimony before Congress (see article), said that the government should expand protections for debit card users (Federal protections for debit card users are less than for credit card users), pass a national breach notification law and boost prosecution for cyber crimes. The harder question is who is responsible for breaches.  […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Another SSL Attack – But Don’t Panic

SSL and TLS, the security protocols that protect most of our banking and ecommerce transactions is a complicated beast – more so due to the the many options it offers. ars technica in an article titled “Noose around Internet’s TLS system tightens with two new decryption attacks”, discussed a paper presented at Black Hat Asia that describes […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Hilton Honors Web Site Flaw Found and Fixed

I have to both harass and complement Hilton. Until recently, Hilton was offering Honors members 1,000 points to change their passwords. First the harassment: A security staffer at BancSec figured out that you could hijack any other Honors account by guessing or knowing the account number and making a small change to the site’s HTML. The […]

Continue reading → [DISPLAY_ACURAX_ICONS]