Security

9 Sep 2021

Ransomware Gangs Are Mostly Just Following the Easy Money

posted in: Security | 0 |

Reading Time: 2 minutes

I saw a few references to this KELA study of ransomware based on doing some digging around the dark web to see what people were looking for. I wasn’t necessarily surprised by what they found, because it seems relatively obvious, but I was a little surprised to see that it’s pretty well-thought-out. I guess I had been working on an assumption that folks using ransomware were just throwing out a wide net and catching whatever they could, but it seems like maybe they are thinking a bit more about what they are doing. … Read More

21 Aug 2021

Linked: Wanted: Disgruntled Employees to Deploy Ransomware

posted in: Links, Security | 0 |

Reading Time: 2 minutes

Look, it makes sense at any time, but right now with companies varying sets of rules around a pandemic, forcing employees back to an office, mandating a vaccine if they do, closing offices, etc. there is bound to be at least one person who just isn’t very happy with whatever stance the company has taken.

Would the vast majority of them stoop to purposefully installing ransomware on the corporate network? Probably not, but the hacker doesn’t need the majority, they need 1. Just one person to be so angry, and also unethical, and they are in.… Read More

7 Aug 2021

Apple’s Image Scanning Tool is, Well, Complicated

posted in: Security, Tech | 0 |

Reading Time: 3 minutes

At first blush, the idea of scanning images synced up to iCloud for child sexual abuse materials against the hash list of known CSAM images seems like a good idea. As a survivor of childhood sexual abuse myself, I want tech companies to takes some initiative to deal with this issue. They also want to scan images on kids’ phones using AI to see if kids are getting into any trouble with sending or receiving sexual material. Again, that sounds like a good thing. But, as the EFF points out, this all requires a backdoor, and backdoors, once created, almost never remain used for just one purpose.… Read More

23 Jul 2021

Your People Are Routing Around Your IT Security

posted in: Security | 0 |

Reading Time: 2 minutes

That combination of things points to one, larger, issue. There’s a pretty large communication gap between IT and business users. The security restrictions that exist are getting in the way of people getting work done, and rather than ask for them to be changed, users simply work around them using their own tools, maybe even their own laptops, or network connections, and the IT folks don’t even know this is happening.

That’s a recipe for disaster. It might be time to work on communicating with your users, and of course when I say “communicate” that absolutely means listening too.… Read More

21 Jul 2021

Linked: Spyware meant to track terrorists was used against journalists, too

posted in: Links, Security | 0 |

Reading Time: 1 minute

Yeah, no one ever misuses these kinds of tools, right? Nope, nothing to worry about here, they are only ever used to target bad guys. You have nothing to fear from them.

Whatever.… Read More

14 Jul 2021

Linked: Facebook Fired Dozens Over Abusing Access to User Data, New Book Says

posted in: Links, Security | 0 |

Reading Time: 2 minutes

The question really is not if your data is going to get breached, or misused in some way, but when. It’s going to happen, you might want to plan for that eventuality instead of just asking nicely for people not to do that.… Read More

7 Jul 2021

Linked: 1 in 4 employees say they still have access to accounts from past jobs, survey finds

posted in: Links, Security | 0 |

Reading Time: 1 minute

To borrow from Cris Carter, “Come On Man!” Actually, it’s easy to blame some lazy IT folks for not disabling accounts, but I’d be willing to bet that quite a few of these are actually some third party app, or … Read More

Security

Privacy Policy Settings

Top Posts