Category: Cyber Security

California DMV (updated)

California DMV uses convergepay for credit card processing. I just re-ran a check of that site on SSL Labs to check the certificate and security and the grade was a B (it was previously a C). There is no support for secure renegotiation This server does not support Forward Secrecy with the reference browsers. Server … Continue reading California DMV (updated) →

Mass Router Hack

It was just reported by Ars Tecchnica that there is a massive router hack that affected 45,000 routers. The hackers used the EthernalBlue (a NSA tool) to hack the routers. The attack target routers UPnP (universal plug and play). I suggest that everyone should turn off UPnP unless you really need it. I you think … Continue reading Mass Router Hack →

Fake Apps

Google play store is full of fake apps and its getting a lot of downloads. It seems to me that these games may appeal to kids. Please exercise caution when downloading apps or when your kids play with your phone.

Home Routers

There are many makers of home routers and it seems like D-Link does not care about security. D-Link have eight routers that have problems and after about nine month they have not fix any of the problems. All I have to say is that if D-Link don't care about the consumers we shall give them … Continue reading Home Routers →

D-Link Backdoor

D-Link DIR-620 routers contains a backdoor account was discovered by Kaspersky Lab researchers. Firmware that was found to have the backdoor are 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22. D-Link have no plans to update the firmware due to the age of the router. If you have one of the DIR-620 I would not … Continue reading D-Link Backdoor →

UPnP

Unless you know for sure that you are going to use UPnP (universal plug and play), always disable it on your router. With UPnP turned on your inviting every one to your router.

IDIOT

I Don't Internet of Things According to Darktrace, in 2017 a casino in North America was hacked and 10GB of high roller data was leaked. The hacker got into the casino network through a IOT device. The IOT device in question is the thermostat in the fish tank that's in the casino's lobby area. Always … Continue reading IDIOT →

To Bing or not to Bing

If you do a search in Bing for "chrome download" you will be presented with a link that will take you to a bad download site. The Chrome installer that you get from the bad site will have virus and malware. When downloading any software one should always go directly to the delevper's site.

Web Check

Three good sites that you can use to check any website to see how secure it is: SSL Labs can be used to check site certificate and provides a security grade. Virus Total can be used to check how clean a web site or a file is. Fake spot can be used to check how … Continue reading Web Check →

VPN

Not all VPN service providers are created equal. There are a few that were found recently to have IP leak and other issues. A researcher has put together a list of VPN that he tested here (list is incomplete due to limited funds). His article can be found here. Personally I use ProXPN, Tunnel Bear, … Continue reading VPN →

S	M	T	W	T	F	S
« Nov
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30	31