When traveling, it is very easy to forget where you are when discussing business with colleagues. That airport, taxi, restaurant or hotel lobby may have individuals nearby eavesdropping on your conversation. When discussing confidential information, agree to hold off on the conversation until you can be assured of privacy. Also, be careful not to share sensitive information with strangers you meet.
Categories: Security

Hijacking Computers for Cryptocurrency Mining

Schneier on Security - Wed, 03/21/2018 - 12:27
Interesting paper "A first look at browser-based cryptojacking": Abstract: In this paper, we examine the recent trend towards in-browser mining of cryptocurrencies; in particular, the mining of Monero through Coinhive and similar code-bases. In this model, a user visiting a website will download a JavaScript code that executes client-side in her browser, mines a cryptocurrency, typically without her consent or... Bruce Schneier
Categories: Security

You Are a Target

You may not realize it, but you are a target. Your computer, your work and personal accounts and your information are all highly valuable to cyber criminals. Be mindful that bad guys are out to get you.
Categories: Security

Dan Geer on the Dangers of Computer-Only Systems

Schneier on Security - Tue, 03/20/2018 - 12:00
A good warning, delivered in classic Dan Geer style.... Bruce Schneier
Categories: Security

What is Malware

Malware is software--a computer program--used to perform malicious actions. In fact, the term malware is a combination of the words malicious and software. Cyber criminals install malware on your computers or devices to gain control over them or gain access to what they contain. Once installed, these attackers can use malware to spy on your online activities, steal your passwords and files, or use your system to attack others.
Categories: Security

Israeli Security Attacks AMD by Publishing Zero-Day Exploits

Schneier on Security - Mon, 03/19/2018 - 12:27
Last week, the Israeli security company CTS Labs published a series of exploits against AMD chips. The publication came with the flashy website, detailed whitepaper, cool vulnerability names -- RYZENFALL, MASTERKEY, FALLOUT, and CHIMERA -- and logos we've come to expect from these sorts of things. What's new is that the company only gave AMD a day's notice, which breaks... Bruce Schneier
Categories: Security

Forwarding Emails

When you forward an email to others or copy new people to an email thread, review all the content in the entire email and make sure the information contained in it is suitable for everyone. It is very easy to forward emails to others, not realizing there is highly sensitive information in the bottom of the email that people should not have access to.
Categories: Security

Friday Squid Blogging: New Squid Species Discovered in Australia

Schneier on Security - Fri, 03/16/2018 - 22:10
A new species of pygmy squid was discovered in Western Australia. It's pretty cute. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here.... Bruce Schneier
Categories: Security

Interesting Article on Marcus Hutchins

Schneier on Security - Fri, 03/16/2018 - 12:12
This is a good article on the complicated story of hacker Marcus Hutchins.... Bruce Schneier
Categories: Security

Patch and Update

One of the most effective ways you can protect your computer at home is to make sure both the operating system and your applications are patched and updated. Enable automatic updating whenever possible.
Categories: Security

Artificial Intelligence and the Attack/Defense Balance

Schneier on Security - Thu, 03/15/2018 - 12:16
Artificial intelligence technologies have the potential to upend the longstanding advantage that attack has over defense on the Internet. This has to do with the relative strengths and weaknesses of people and computers, how those all interplay in Internet security, and where AI technologies might change things. You can divide Internet security tasks into two sets: what humans do well... Bruce Schneier
Categories: Security

Reporting an Incident

Eventually, we all get hacked. The bad guys are very persistent and we can all make a mistake. If a phone call from the "Help Desk" doesn't sound quite right, if an email seems suspicious or if a program you installed starts acting funny, ask for help! Your security team is there to help you. The sooner you report an incident, the sooner we can help resolve the problem.
Categories: Security

The 600+ Companies PayPal Shares Your Data With

Schneier on Security - Wed, 03/14/2018 - 12:24
One of the effects of GDPR -- the new EU General Data Protection Regulation -- is that we're all going to be learning a lot more about who collects our data and what they do with it. Consider PayPal, that just released a list of over 600 companies they share customer data with. Here's a good visualization of that data.... Bruce Schneier
Categories: Security

E-Mailing Private HTTPS Keys

Schneier on Security - Tue, 03/13/2018 - 12:31
I don't know what to make of this story: The email was sent on Tuesday by the CEO of Trustico, a UK-based reseller of TLS certificates issued by the browser-trusted certificate authorities Comodo and, until recently, Symantec. It was sent to Jeremy Rowley, an executive vice president at DigiCert, a certificate authority that acquired Symantec's certificate issuance business after Symantec... Bruce Schneier
Categories: Security

Mobile Apps

Only install mobile apps from trusted places, and always double-check the privacy settings to ensure you are not giving away too much information.
Categories: Security

Greyshift Sells Phone Unlocking Services

Schneier on Security - Mon, 03/12/2018 - 20:27
Here's another company that claims to unlock phones for a price.... Bruce Schneier
Categories: Security

Two New Papers on the Encryption Debate

Schneier on Security - Mon, 03/12/2018 - 12:27
Seems like everyone is writing about encryption and backdoors this season. "Policy Approaches to the Encryption Debate," R Street Policy Study #133, by Charles Duan, Arthur Rizer, Zach Graves and Mike Godwin. "Encryption Policy in Democratic Regimes," East West Institute. I recently blogged about the new National Academies report on the same topic. Here's a review of the National Academies... Bruce Schneier
Categories: Security

Kids and Mobile Devices

If you have kids with mobile devices, create a central home charging station in your bedroom. Before the kids go to bed at night, have them put their mobile devices there so they are not tempted to play with them when they should be sleeping.
Categories: Security

Friday Squid Blogging: Interesting Interview

Schneier on Security - Fri, 03/09/2018 - 23:22
Here's an hour-long audio interview with squid scientist Sarah McAnulty. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here.... Bruce Schneier
Categories: Security

OURSA Conference

Schneier on Security - Fri, 03/09/2018 - 13:24
Responding to the lack of diversity at the RSA Conference, a group of security experts have announced a competing one-day conference: OUR Security Advocates, or OURSA. It's in San Francisco, and it's during RSA, so you can attend both.... Bruce Schneier
Categories: Security
Syndicate content

eXTReMe Tracker