Introduction I’ve developed a Sieve script that will auto-respond with a description of how your email message was received, with a snippet of the “Received:” header If you run a mail server or use a local ISP, this is an easy way to see if connections to this site are secure. To use, simply send […]
Internet Security
VMware Exploited Again: Update Now
On Friday, 9/15/2017, VMware released patches for the ESXi Server, Workstation, and Fusion (Apple) hypervisors. The most serious issue, an out-of-bounds write vulnerability, exists in ESXi, and desktop hypervisors Workstation, and Fusion. An attacker could exploit the issue, which exists in a SVGA device, to execute code on the host O/S. This affects ESXi version […]
The Insecurity of Journalism
Bruce Schneier had an interesting post last week on how insecure journalists are. It turned out to be quite an animated discussion. As I commented therein, I really doubt that your typical newspaper reporter gets much cybersecurity, or even cyber-awareness, training in journalism school. There are no whistle-blowers that go to traditional media anymore, a […]
BOLO: Defray Ransomware
Proofpoint has identified a new type of ransomware called “Defray“. Two highly-targeted ransomware attacks have been directed at the Healthcare and Education sector, and another at the Manufacturing and Technology sector. As Proofpoint points out, the attack is not of the “spray and pray” variety like most other ransomware attacks. This suggests a very specific threat actor. […]
Top Attacking Countries: July 2017
The top three countries (Russia, United States, Ukraine) remained the same when compared to WordFence’s June report here. China moved down a couple of notches. Israel moves into the top 20 for the first time.
Has Your Password Been Pwned?
Microsoft’s Troy Hunt has outdone himself. His site is the “Go To” authority for compromised Email accounts. Now, he has added a compilation of exploited passwords, over 320 Million of them. You can check if any of your passwords *might* be compromised here: https://haveibeenpwned.com/Passwords If any of your passwords are listed, you should change them […]
Fast Algorithm of Revertible Operations’ Queen (FAROQ) Cipher
I was reading an article about “Detecting Stingrays” at Schneier’s forum when I came across a post from Omar requesting a code review of an enhanced Rinjdael cipher developed in Iraq: Omar A. Dawood, Abdul Monem S. Rahma, Abdul Mohssen J. Abdul Hossen,”New Symmetric Cipher Fast Algorithm of Revertible Operations’ Queen (FAROQ) Cipher”, International Journal of […]
EFF: Who has your back?
The Electronic Frontier Foundation (EFF) puts together a ranking of companies with how well they stand up to your electronic freedom. The more stars, the better. From their original page here, these are 2017’s listings: Follows industry best practices Tells you about Gov’t data requests Promises not to sell out users Stands up to NSL […]
Top Attacking Countries: June 2017
The US moved into the #2 spot, flip-flopping with the Ukraine at #3 when compare to Wordfence’s May summary:
Debate: Technology, Privacy, and Law Enforcement
Wow. So, I’m trolling through TV channels and I came across a great debate on CSPAN on July 8th. It was originally aired live on June 6, 2017. The CSPAN broadcast can be found here. The debate was sponsored by Intelligence Squared, and their podcast of the debate can be found here. The Debate Question: […]