Education: CISSP, RHCSA
Highlights of your career? Reverse engineering human brain patterns.
What malware do you hate the most? Nation state sponsored low and slow.
Favorite activities? Building and flying airplanes.
What is your golden rule for cyberspace? Stupid hurts.
When did you get your first computer and what kind was it? 1988, Radio Shack TRS-80.
Favorite computer game/activity? Java/Big Data algorithms to find brain patterns.
The Android ecosystem has taken the market by storm in the last few years, with hundreds of millions of devices, smartphones and tablets, already in the hands of customers, and more on the way this holiday season. As you will know if you read our recent blog post about malware trends in 2013, malicious code
As the Better Business Bureau recently warned, scam artists are gearing up for the Presidential election season. So what pitfalls do consumers face during the final stretch of campaigning, on computers and on the phone? Recently, we’ve seen examples of phony phone calls, phony websites seeking donations, and there may be more to come. Regular
If you use an Android phone you may have heard of something called the USSD vulnerability. This allows a nasty piece of malicious software to reset your Android to its factory default settings and permanently delete your data.
In our last post (part 1 of 2), we dove into Facebook timeline privacy and security, prompted by the universal imposition of the timeline view that is currently under way on the world’s largest social network. In this second part, we continue reviewing our Facebook timeline from other people’s perspective, using a tool called View
Now that Facebook’s timeline feature is in the final stages of being rolled out to all users (including, finally, to my account), it is important that everyone understands how to use the feature and, most importantly, how to secure your identity and privacy in its new context. Timeline is quite a simple feature, introduced by
So, we read that one or more hackers claim to have gained access to Mitt Romney’s tax records, reported first in a Nashville paper, then in the tech/business press. The hack allegedly took place at the Franklin office of PriceWaterhouseCoopers just outside of Nashville, and PWC has alleged that no such thing happened. We have
We read that “FinFisher spyware made by U.K.-based Gamma Group can take control of a range of mobile devices, including Apple Inc.’s iPhone and Research in Motion Ltd.’s BlackBerry…”, at the opening of a Bloomberg article that several readers of the ESET blog sent us yesterday, along with a number of questions that boil down
Ahead of next week’s VMWorld in San Francisco, here are some thoughts on the safe use of cloud computing for smaller businesses, along with a podcast (see the link at end of the post). The Cloud concept, a flexible Virtual Machine (VM) based system that allows rapid expansion and dedicated functionality without hiring new staff,
A new tech startup that produces facial recognition camera systems tied to Facebook tagged photos, plans to offer the technology to more traditional physical stores so they could offer you appropriate deals as you enter their business. That’s great for stores who want to have more targeted information about you, based on a bit of
In May we read that game maker Blizzard, developer of a series of popular games including World of Warcraft, Diablo III and Starcraft, was hacked, but that turned out to just be individual compromised accounts from some of its users. Now we read, from Blizzard itself rather than a third party, that they have been
For years scammers and hackers focused largely on Windows x86-based platforms, in many ways because that’s where the bulk of the users were. But times change, and new targets emerge. At Blackhat and Defcon last week we saw a flurry of talks on Mac OSX/iOS security, trying to illuminate possible chinks in the armor. From
After my colleague Stephen Cobb stood in a huge line at Defcon waiting to get into the Friday keynote by NSA chief General Alexander, plus a swarm of interest shown at the two-part Meet the Fed panel presentation the next day, it’s becoming clear that multiple agencies of the federal government are focused on hackers,
If your organization’s website runs on Apache, and many do, you might wonder if the webserver’s .htaccess controls are securely configured. If you believe the demo we saw yesterday at Blackhat by Matias Katz and Maximiliano Soler, the answer is a resounding ‘NO!’ What Katz and Soler described in their session is not some rare
Blackhat keynote speaker Shawn Henry, the former executive assistant director of the FBI’s Criminal, Cyber, Response and Service Branch, started off the day after opening remarks from Jeff Moss, founder of Blackhat. Moss wondered if now was the time for the cyber-security sector to take a more aggressive/offensive approach. Jeff mentioned working for a former
Want to access the music tracks of YouTube.com videos on your iPod but don’t want to pay? You’re not alone. Recently, a crop of websites have popped up offering to convert the audio from videos to .mp3 files that you can then download at no charge. Sounds great, right? The catch: scammers are trying to
Gamigo learned a few months ago about a breach and alerted its users that they had been attacked. But now, we see an estimated 8+ million records just went public, no small amount for the attackers. What is interesting is that by one account, hash cracking was able to decrypt over 90% of the passwords,
Small businesses have their hands full these days in light of a down economy, tightening budgets and the steepening pace of business, but with nation-state hacks front and center in the threatscape, should you worry about those too, or are you (and your customers) safe? Nation-state hacks bring to mind images of large defense contractors,
Following the flurry of press coverage surrounding the proposed next generation of driverless cars, privacy groups are asking questions about what will happen to the data the cars (necessarily) collect, which – in the wrong hands – might prove tempting for abuse. Other car manufacturers plan on rolling out real-time data streams of information about
You may have heard that the organization known as europe-v-facebook found that a little-know provision in Facebook’s privacy and user rights policies allowed a vote on proposed changes to be forced if over 7,000 respondents were interested and submitted comments to that effect. When europe-v-facebook publicized this, users swarmed to show support and get their
If the scary email or app notification–and subsequent webpage–is to be believed, you have only a few days to verify your Facebook account or you’ll be out of luck. But don’t worry, a few days later you will magically get a few more days to verify, and so the scam goes. A Twitter follower with
Sign up to our newsletter
The latest security news direct to your inbox
Add this code to your site