Security
Posts regarding security and disaster prevention for all platforms.
Silly cPanel Warning after installing an SSL certificate on a domain without a dedicated IP
I installed an SSL certificate on a domain that does not have a fixed IP. It warned that Microsoft IE on Windows XP will give a false security warning.. REALLY?? This is 2018. Is anyone using XP? Continue reading
Is your site on HTTPs yet? Chrome will warn users who visit http sites.
Beginning in July 2018, user who browse with Chrome will receive a warning before visiting http sites. If your site is on http, now is the time to migrate it to https.
Another clever Facebook Phishing scam
I was checking Facebook on my phone and saw an alert that a friend had sent an image. When I opened the message in messenger, there was something that looked like a video link.
“Your computer needs maintenance” scams.
I had a client that I haven’t heard from for a while call. He had been web browsing and got a persistent window stating that his machine needed attention. SCAM SCAM SCAM.
Have Google do a quick security check on your Google account with the Google Security Check
A person’s Google account is becoming increasingly important. Google offers a quick security check for your account that takes about 3 minutes to complete. Continue reading
What would you say if I told you that your television was listening to your conversations?
Many years ago, back in the 1980’s. I studied Tae Kwon Do. After class we would often go out for ONE beer. Any more and the instructor would not be happy.
One night, one of the newer students said “You know, they used to only be able to listen to you, now they can watch you through your television”. We had a couple of minutes of discussion on this. Continue reading
Meltdown and Spectre are going after your private information.
There are two vulnerabilities that were recently brought to light. The essence of these attacks is that they can establish processes that can read the supposedly secure data from other processes.
Suppose you are logged in to your bank via the web. There is data there about account numbers, balances, passwords etc. Some of that will be encrypted. However, the exploit MIGHT be able to view the unencrypted data. After all, your balance and account numbers need to be displayed in a format you can read. Continue reading
Danger Will Robinson. Do NOT reply with your ‘first car’
I’ve been seeing an increasing number of Facebook posts that ask something like
What was the first car you ever owned? -or- Where did you meet the love of your live?
Replacement android keyboards could compromise your data
I found this article about the dangers posed by replacement android keyboards. This makes a lot of sense. The keyboard tracks every keystroke or voice command you give.
In some cases, files were found that contained email addresses and passwords. Continue reading
Equifax thought admin/admin was a good login/pw to secure your personal information. …
Some more on the equifax thing. Yesterday I posted links to the fact that the Chief of Security for Equifax had a Masters in MUSIC..
I came across an excellent article where, apparently, the writer was in direct contact with the hackers. The lack of security of OUR PERSONAL INFORMATION at the hands of Equifax is appalling.
In one example, they had a critical dashboard secured as admin/admin.. In another case, they had the private keys stored directly on a dashboard page. Continue reading