When Sharon and I give security presentations, the topic of insecure Wi-Fi networks typically makes it in a few slides. Tech Republic posted information about a report from Coronet that identified the ten worst airports for Wi-Fi security. To quote the post, “Hackers can use the poor cyber hygiene and insecure Wi-Fi at many airports to inject advanced network vulnerabilities like captive portals, Evil Twins, ARP poisoning, VPN gaps, honeypots, and compromised routers.” Any of these vulnerabilities could allow an attacker to get the account credentials for cloud services such as Dropbox, Office 365, G Suite, etc. View Full Post
Users should enable and use two factor authentication (2FA) whenever it is available. Sure there are issues with using SMS as a second factor, but 2FA is by far better than just using a user ID and password. The attack vectors are constantly changing and the attacks on Office 365 are no exception. View Full Post
Apple hopes to defeat tools that are able to bypass security features of iOS devices with its newest version of the operating system. iOS 11.4.1 has a feature called “USB Restricted Mode” intended to thwart hacking tools such as GrayKey. Naked Security reported that all eligible devices (iPhone 5s and later) have access to the new feature. View Full Post
I’m a big fan of Google’s Chrome browser. What I’m not a fan of is its voracious appetite for eating up system memory. Just check your system resources each time you open a new tab. Part of the reason for consuming memory is for security reasons as many of the browser functions are isolated in separate memory “sandboxes.” In order to obtain stability, Chrome splits every tab, plugin, and extension into its own process, so that if one thing crashes it won’t take down the whole web page. View Full Post
It never fails to amuse me that iPhone users will accept the fact that battery life is crap. As I’ve said many times, just look at any airport waiting area and see how many people are connecting their iDevices to charge them up. View Full Post
It is highly recommended NOT to save any passwords in a browser. If your machine is compromised, there is a potential that all of your saved passwords could be exposed. If you give someone remote access to your computer, your browser password “stash” may get lifted from your machine. View Full Post
Sometimes you just want to capture what’s on your screen to preserve, review, edit or send along as an e-mail attachment. Taking screenshots on Windows or your smartphone are pretty simple, but what about a Mac? It turns out there are several options for taking screenshots on a Mac that are listed in a Wiredpost. View Full Post
The bad guys are coming up with all sorts of techniques to infect your computer. It may be to encrypt your data in hopes that you’ll pay a ransom, steal some processing power to mine cryptocurrency or capture personal data for financial gain. View Full Post
Legal Talk Network has released the latest episode of the Digital Edge podcast, which addresses the Data-Driven Ethics initiative. Jim and Sharon interview Erin Gerstenzang, one of the principals in the initiative. The initiative is a research project that aims to use legal services data to modernize legal rules for professional conduct. View Full Post
Well, it’s finally here. In the Fall of 2017, a vulnerability in WPA2 wireless encryption was discovered. Known as the Krack Attack, the flaw impacts every implementation of WPA2. The manufacturers needed to provide a patch update to fix the flaw. View Full Post
