Here’s a good article about someone who hired a team of professional hackers to investigate himself. Their techniques and results are informative, though the article is a bit long.
Make sure you change the default passwords and update the firmware on your network cameras and baby monitors. Recent security vulnerabilities have made camera takeovers much more common, and this is one of the creepier ones I’ve seen.
Here’s a good case of security taken to an unnecessary extreme. A government agency spent $2.75 million to destroy $170k of hardware because it was infected with malware. The malware apparently could have been removed with standard software methods, rather than destroying the hardware. The only thing that stopped them from destroying more hardware was that they ran out of money. Wow.
The expectation from many users is that Skype conversations are private because they’re encrypted. This article shows that’s not the case, as Microsoft is able to examine at least some (or maybe all) of the content.
Attackers are directing botnets at WordPress sites, trying to guess their admin passwords. I recommend not using “admin” as your administrator name, making sure you have very strong passwords, and using the Limit Login Attempts plugin.
A large number of security cameras are vulnerable to an attack that allows unauthorized users to take control of them. If your cameras are behind a firewall, or you don’t mind unauthorized people watching your cameras, this isn’t as big a deal for you, but it’s still something to be aware of.
Has someone sent you a bit.ly link that you suspect might be malicious, or do you just want to know where it goes before you click on it? Add a “+” to the end of the link and you’ll pull up an info page; then, if it looks OK, you can click on through.
Let’s find out.
Do you use Ruby on Rails and the Action Pack framework? You should update your applications immediately. Significant vulnerabilities have been found, allowing theft of sensitive data, administrator access, and denial of service.
Here’s a good overview article for businesses considering moving their data to The Cloud, especially sensitive data with HIPAA and PCI requirements. Essentially your lawyer is your new best friend. Most of the Cloud providers’ contracts prevent you from holding them responsible if anything bad happens to your data, but your lawyer can change the equation in your favor by modifying the contract. Page 2 has some good starter Due Diligence questions to ask when you’re considering a move to The Cloud.
Here’s a decent article from Microsoft on Social Network Safety. It covers things like being aware of how what you post could be used against you, not letting apps access your address book, using social networks at work, and talking to your kids about protecting themselves. For experienced techies it’s worth a quick read to refresh your memory; for everyone else it’s a good article you might want to forward to your friends and family.