Phishing is [still] the primary way attackers either commit a primary criminal act (e.g. phish a target to, say, install ransomware) or gain an initial foothold in an organization so they can perform other criminal operations to achieve some goal. As such, security teams, vendors and active members of the…
Off By One : The Importance Of Fact Checking Breach Reports
I didn’t read through the Massachusetts 2011 Report on Data Breach Notifications [PDF] until recently, but once I went through the report my brain kept telling me “something is wrong”. Not something earth shattering, but more of a “something is off” signal. This happens more than I’d like as I tend to constantly background process what…
Dropbox 1.2.0 Experimental Build “Fixes” Security Issue
If you are concerned about the Dropbox design flaw exposed by the dbClone attack, then have we got a link for you! The intrepid DB devs have tossed up a forum release which purports to fix all the thorny security issues. You can no longer just copy a config file to a separate machine to…