The Death of the Password

Password’s are dead. Why? Typical passwords are trivially easy to crack, even “strong” password can often be cracked within hours, if not minutes, by a hackers using a standard “dictionary attack.”

[Read More ... ]

MS14-066 is a critical security update for Windows servers – patch as soon as possible

Yesterday (11-Nov-2014) was patch Tuesday and Microsoft released 14 security bulletins.  As is typical, each bulletin describes one or more vulnerabilities in one or more Microsoft products. One of these bulletins, MS14-066, looks to be extraordinarily important as it describes a vulnerability that can be exploited by a malicious actor simply by sending carefully designed […]

[Read More ... ]

Why finding an EXE in your mail is a terrible thing

The humble email attachment … arguably the most useful, yet most harmful, electronic communication development of the late 20th century. Once a novelty, email attachments are now as ubiquitous as … well, email itself! There’s no denying how convenient it is to share files with clients, colleagues &  friends; unfortunately that very utility has made email […]

[Read More ... ]

[ALERT] Heartbleed – What to do and what NOT to do

  Late on April 7 news came out that a key piece of software used by a majority of websites for secure transmission of information including logon passwords was broken.  Since that time websites and organizations have been scrambling to put in place a fix.  For the majority of major websites that work has been […]

[Read More ... ]

A Windows Security Update You MUST Install (KB2621440)

Every second Tuesday of the month Microsoft publishes a set of security bulletins along with security updates (patches) that address the flaws described in the bulletins. Every IT gal and guy knows this, so we simply build in the security update review and deployment process into our planned maintenance schedule. Sometimes, however, a security bulletin makes […]

[Read More ... ]

Phone scams – the home computer connection

Do you give out personal information to people you don’t know when they call you?  Neither do I!  That is why you should take special care if you receive a call out of the blue telling you there is a problem with your PC and offering to fix it. For some time now scammers have […]

[Read More ... ]

How to… Apply Windows Updates

Computer updates … what’s the deal, why bother? Unfortunately, patches & updates (security updates, in particular) are a fact of life on today’s Internet. The bad guys (hackers) are continually looking for – and being successful in finding – ways to break into computer systems. Targets are not just big companies, either – there is […]

[Read More ... ]

Is your password on this Internet list?

This article is an extremely worthwhile read, and a reminder why we need to take care when selecting passwords for online services. Using a common and/or easy-to-guess password opens up the possibility of having your system hacked, your identity stolen, or worse.

[Read More ... ]

Malware Alert: “MACDefender” scareware targeting Mac OSX

Mac users, beware a series of new ‘scareware’ malicious campaigns targeting MacOS! If you see a seemingly legitimate looking warning advising you to install or use “MAC Defender,” it is bogus – close it immediately with an apple-Q! New MAC OS X scareware delivered through blackhat SEO

[Read More ... ]