Thoughts, information and reflections about technology

disaster prevention

Computer systems are under a constant threat of malware, ransomware and other threats. Posts in this category relate to preventing loss resulting from attacks on your systems.

 

1 2 3 8

Craigslist password protected email danger – How to avoid the malware

I received an email that appeared to be a response to a craigslist posting I made. The email said to open the Word document with the supplied password for the contact information. As soon as I saw that I pictured the goofy robot with it’s arms flailing saying “Danger Will Robinson. DANGER, DANGER”, or the weird fish guy saying “It’s a trap!!”. Here is how to identify these traps. Continue reading

KB4056892, the Windows 10 patch to address Meltdown/Spectre installed on my laptop – Performance results are…

There has been a lot of speculation that the software patches to OS’s to address the Meltdown, Spectre could result in a 30 percent performance decrease . The update installed on my laptop on Jan 3rd and the results are.. Continue reading

Cert links to guidance from manufacturers affected by Meltdown and Spectre

Cert has published links to guidance from vendors regarding Meltdown and Spectre. It includes Amazon AWS, Android and numerous other vendors. You almost certainly have to apply the patches but the performance impact is hideous (30 percent).
See the CERT bulletin for details.  Continue reading

With Meltdown and Spectre what happens to pending server purchases and how will companies address the performance issues of patches?

Spectre is hitting servers especially hard. The software updates to protect the servers are causing performance issues. In other words, when a patch is applied to address the vulnerability, performance decreases perhaps 30 percent. Continue reading

Meltdown and Spectre – You might NOT have to replace all of your hardware.

The analysis and assessments of the Spectre and Meltdown threats are still coming in. This is something that both business owners and individuals should keep a close eye on.

To recap, these exploits allow an attacker to ‘see’ data  from other applications running on your systems.  This is a HUGE screwup of epic proportions on the part of the chip and software designers. Continue reading

Meltdown and Spectre are going after your private information.

There are two vulnerabilities that were recently brought to light. The essence of these attacks is that they can establish processes that can read the supposedly secure data from other processes.

Suppose you are logged in to your bank via the web. There is data there about account numbers, balances, passwords etc. Some of that will be encrypted. However, the exploit MIGHT be able to view the unencrypted data. After all, your balance and account numbers need to be displayed in a format you can read. Continue reading

Equifax thought admin/admin was a good login/pw to secure your personal information. …

Some more on the equifax thing. Yesterday I posted links to the fact that the Chief of Security for Equifax had a Masters in MUSIC..

I came across an excellent article where, apparently, the writer was in direct contact with the hackers. The lack of security of OUR PERSONAL INFORMATION at the hands of Equifax is appalling.

In one example, they had a critical dashboard secured as admin/admin..  In another case, they had the private keys stored directly on a dashboard page. Continue reading

1 2 3 8
Contact me
Archives
Categories
Amazon Disclosure

We are a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for us to earn fees by linking to Amazon.com and affiliated sites.