An Order of Cybersecurity with a Side of “Hope”
This is a true story. I was sitting at breakfast the other day with my wife. As we waited for our food to arrive, four people were sitting at a socially distanced table. They were discussing how they have to restart their computers every month because of “something Microsoft does ... Read More
Covid-19 Exposure Logging: Key Privacy Considerations
Recently, both Apple and Google released new updates for iPhone and Android devices. One feature that was added was “Covid-19 Exposure Logging.” The feature is off (for now), and according to the text that accompanies the app, when turned on, it is set to communicate via Bluetooth to other devices ... Read More
Snail Mail With a Privacy Twist
A friend of mine received an interesting piece of snail mail the other day. It was one of those inheritance scam letters that usually arrive in E-Mail. An image of the letter is shown below: In summary, the author, a high-ranking bank official, has an unclaimed inheritance that he is ... Read More
CISSP vs. Master’s Degree – Please Take a Neutral Corner!
The UK’s designated national agency responsible for providing information and expert guidance on qualifications (UK NARIC) recently announced that the Certified Information Systems Security Professional (CISSP) credential offered by (ISC)2 is rated as being RQF Level 7, and equal to a particular level of a Master’s Degree. This declaration is ... Read More
Revisiting and Revising Some Tips for National Cyber Security Awareness Month
As a regular reader of Tripwire, you are aware that October is National Cyber Security Awareness Month. Way back in 2015, when the world was an entirely different place, I contributed an article that offered some tips for protecting yourself. Those tips are still relevant: Password management. This should be ... Read More
New York Passes a Law that Further Expands Cyber Protection
The New York State Legislature recently passed a bill that aims to protect New York residents, regardless of the location of the business. The law, known as the Stop Hacks and Improve Electronic Data Security (SHIELD) Act is designed to address unauthorized access of data. The bill expands the definition ... Read More
Are the Robots Getting Better at Image Recognition?
I was logging into an account today and was presented with a CAPTCHA that struck me as quite odd. Normally, the CAPTCHA images are as clear as ever. However, look at these images below: The sample image of the car at the top right is fairly clear, yet the selection ... Read More
Opinion: Back to the Start for 2FA Adoption?
In a previous post, Tripwire asked contributors what their most memorable event of 2018 was. As a follow-up, guest author Bob Covello expands on his thoughts about two-factor authentication (2FA). We in the infosec community have made enormous progress towards getting multi-factor authentication the recognition it deserves. All the respected ... Read More
NCSAM: Consider the Nexus Between your Personal and Professional Life on Social Media
Another National Cyber Security Awareness Month is upon us, and although I have recently wished for its demise through better automated protections, there are some things that cannot be automated. One such area of manual interaction is all the social networks that we use. Unless you are a celebrity with ... Read More
Do Something, Know Something, Learn Something – A 3-Step Guide to Keeping Your InfoSec Career Exciting
If you are like most infosec professionals, each day brings new and interesting challenges. However, like most jobs, there are valleys that we fall into along the course of our professional development. How long can you stare at your SIEM tool before you start to experience some mild tunnel vision, ... Read More
