Security

Privacy

Privacy is more than just settings in your social media account or using the Tor Browser. Your data and actions are collected in a variety of ways. The more aware you are of just how much of your data is collected, the better you can protect it.
Categories: Security

Forwarding Emails

When you forward an email to others or copy new people to an email thread, review all the content in the entire email and make sure the information contained in it is suitable for everyone. It is very easy to forward emails to others, not realizing there is highly sensitive information in the bottom of the email that people should not have access to.
Categories: Security

Patch and Update

One of the most effective ways you can protect your computers and devices at home is to make sure both the operating system and your applications are patched and updated. Enable automatic updating whenever possible.
Categories: Security

Digital Inheritance

What happens to our digital presence when we die or become incapacitated? Many of us have or know we should have a will and checklists of what loved ones need to know in the event of our passing. But what about all of our digital data and online accounts? Consider creating some type of digital will, often called a "Digital Inheritance" plan.
Categories: Security

Fake News

Fake news is a false narrative that is published and promoted as if it were true. People (and organizations) create fake news to control and manipulate your thoughts and actions. Be skeptical of what you read on the Internet, use trusted sources that are vetted, check their motivations and funding.
Categories: Security

Ransomware

Ransomware is a special type of malware. Once it infected your computer, it encrypts all of your files and demands you pay a ransom if you want your files back. Be suspicious of any emails trying to trick you into opening infected attachments or click on malicious links, common sense is your best defense. In addition. backups are often the only way you can recover from ransomware.
Categories: Security

Careers in Cybersecurity

Have you considered a career in cybersecurity? It is a fast-paced, highly dynamic field with a huge number of specialties to choose from, including forensics, endpoint security, critical infrastructure, incident response, secure coding, and awareness and training. In addition, a career in cybersecurity allows you to work almost anywhere in the world, with amazing benefits and an opportunity to make a real difference. However, the most exciting thing is you do NOT need a technical background, anyone can get started.
Categories: Security

Messaging / Smishing Attacks

Cyber attackers can just as easily trick or fool you in messaging apps as they can in email. Be on the look-out for scams or attacks via apps such as Slack, Skype, WhatsApp or event simple text messaging. The most common clues are tremendous sense of urgency or curiosity.
Categories: Security

Social Media Privacy Settings

Privacy settings on social networks can be confusing to configure and change often. Ultimately, if you do not want your parents or boss reading one of your posts, do not post the message or photo.
Categories: Security

Securing Your Wi-Fi Access Point

The first step to creating a cybersecure home is to start by securing your Wi-Fi Access Point. Change your Wi-Fi Access Points default administrator password to something only you know. Many Wi-Fi Access Points or Wi-Fi routers are shipped with default administrator passwords that are publicly known and posted on the Internet.
Categories: Security

Got Backups?

Eventually, we all have an accident or get hacked. And when we do, backups are often the only way to recover. Backups are cheap and easy; make sure you are backing up all of your personal information at home (such as family photos) on a regular basis.
Categories: Security

Identity Theft

Identity theft is when someone steals information about you and then uses that information to pretend to be you and commit crimes, such as credit card fraud. One of the key steps to protecting yourself is monitoring your financial, credit score and credit card accounts. The sooner you detect fraud in any of these accounts, the sooner you can minimize the damage.
Categories: Security

The DMCA and its Chilling Effects on Research

Schneier on Security - Mon, 04/16/2018 - 12:46
The Center for Democracy and Technology has a good summary of the current state of the DMCA's chilling effects on security research. To underline the nature of chilling effects on hacking and security research, CDT has worked to describe how tinkerers, hackers, and security researchers of all types both contribute to a baseline level of security in our digital environment... Bruce Schneier
Categories: Security

Friday Squid Blogging: Eating Firefly Squid

Schneier on Security - Fri, 04/13/2018 - 22:24
In Tokama, Japan, you can watch the firefly squid catch and eat them in various ways: "It's great to eat hotaruika around when the seasons change, which is when people tend to get sick," said Ryoji Tanaka, an executive at the Toyama prefectural federation of fishing cooperatives. "In addition to popular cooking methods, such as boiling them in salted water,... Bruce Schneier
Categories: Security

COPPA Compliance

Schneier on Security - Fri, 04/13/2018 - 12:43
Interesting research: "'Won't Somebody Think of the Children?' Examining COPPA Compliance at Scale": Abstract: We present a scalable dynamic analysis framework that allows for the automatic evaluation of the privacy behaviors of Android apps. We use our system to analyze mobile apps' compliance with the Children's Online Privacy Protection Act (COPPA), one of the few stringent privacy laws in the... Bruce Schneier
Categories: Security

Cybersecurity Insurance

Schneier on Security - Thu, 04/12/2018 - 12:36
Good article about how difficult it is to insure an organization against Internet attacks, and how expensive the insurance is. Companies like retailers, banks, and healthcare providers began seeking out cyberinsurance in the early 2000s, when states first passed data breach notification laws. But even with 20 years' worth of experience and claims data in cyberinsurance, underwriters still struggle with... Bruce Schneier
Categories: Security

The Digital Security Exchange Is Live

Schneier on Security - Wed, 04/11/2018 - 12:33
Last year I wrote about the Digital Security Exchange. The project is live: The DSX works to strengthen the digital resilience of U.S. civil society groups by improving their understanding and mitigation of online threats. We do this by pairing civil society and social sector organizations with credible and trustworthy digital security experts and trainers who can help them keep... Bruce Schneier
Categories: Security

DARPA Funding in AI-Assisted Cybersecurity

Schneier on Security - Tue, 04/10/2018 - 12:11
DARPA is launching a program aimed at vulnerability discovery via human-assisted AI. The new DARPA program is called CHESS (Computers and Humans Exploring Software Security), and they're holding a proposers day in a week and a half. This is the kind of thing that can dramatically change the offense/defense balance.... Bruce Schneier
Categories: Security

Obscure E-Mail Vulnerability

Schneier on Security - Mon, 04/09/2018 - 12:30
This vulnerability is a result of an interaction between two different ways of handling e-mail addresses. Gmail ignores dots in addresses, so bruce.schneier@gmail.com is the same as bruceschneier@gmail.com is the same as b.r.u.c.e.schneier@gmail.com. (Note: I do not own any of those email addresses -- if they're even valid.) Netflix doesn't ignore dots, so those are all unique e-mail addresses and... Bruce Schneier
Categories: Security

Friday Squid Blogging: Sake Decanters Made of Dried Squid

Schneier on Security - Fri, 04/06/2018 - 21:59
This is interesting. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here.... Bruce Schneier
Categories: Security
Syndicate content

eXTReMe Tracker