Computer systems are under a constant threat of malware, ransomware and other threats. Posts in this category relate to preventing loss resulting from attacks on your systems.
I received an email that appeared to be a response to a craigslist posting I made. The email said to open the Word document with the supplied password for the contact information. As soon as I saw that I pictured the goofy robot with it’s arms flailing saying “Danger Will Robinson. DANGER, DANGER”, or the weird fish guy saying “It’s a trap!!”. Here is how to identify these traps.Continue reading
KB4056892, the Windows 10 patch to address Meltdown/Spectre installed on my laptop – Performance results are…
There has been a lot of speculation that the software patches to OS’s to address the Meltdown, Spectre could result in a 30 percent performance decrease . The update installed on my laptop on Jan 3rd and the results are.. Continue reading
A Windows 10 patch that is supposed to address Meltdown and Spectre vulnerabilities. BEWARE IF YOU HAVE AN AMD PROCESSOR
Windows has released a patch, January 3, 2018—KB4056892 (OS Build 16299.192), that is supposed to help address the Meltdown and Spectre vulnerabilities.. BUT some owners of AMD based machines are reporting crashes.
With Meltdown and Spectre what happens to pending server purchases and how will companies address the performance issues of patches?
Spectre is hitting servers especially hard. The software updates to protect the servers are causing performance issues. In other words, when a patch is applied to address the vulnerability, performance decreases perhaps 30 percent. Continue reading
The analysis and assessments of the Spectre and Meltdown threats are still coming in. This is something that both business owners and individuals should keep a close eye on.
To recap, these exploits allow an attacker to ‘see’ data from other applications running on your systems. This is a HUGE screwup of epic proportions on the part of the chip and software designers. Continue reading
There are two vulnerabilities that were recently brought to light. The essence of these attacks is that they can establish processes that can read the supposedly secure data from other processes.
Suppose you are logged in to your bank via the web. There is data there about account numbers, balances, passwords etc. Some of that will be encrypted. However, the exploit MIGHT be able to view the unencrypted data. After all, your balance and account numbers need to be displayed in a format you can read. Continue reading
Some more on the equifax thing. Yesterday I posted links to the fact that the Chief of Security for Equifax had a Masters in MUSIC..
I came across an excellent article where, apparently, the writer was in direct contact with the hackers. The lack of security of OUR PERSONAL INFORMATION at the hands of Equifax is appalling.
In one example, they had a critical dashboard secured as admin/admin.. In another case, they had the private keys stored directly on a dashboard page. Continue readingNo tags for this post.
Equifax just had a MASSIVE breach that exposed the personal information of MILLIONS of people.
This was despite the outstanding credentials of their Chief Security Officer.. Yep, she had a BA and Master’s in Music.
Marketwatch has an excellent article about this at http://www.marketwatch.com/story/equifax-ceo-hired-a-music-major-as-the-companys-chief-security-officer-2017-09-15 Continue readingNo tags for this post.