Do you wipe?

Study shows that about two thirds of second hand storage devices still contain personal data that are trivial to recover. Always remember to completely wipe your storage device before you sell it or giving it away.

Cortana Hack

A mal-doer with physical access to a locked Windows 10 computer can use a Cortana bug and let the mal-doer change password on a locked computer. The latest patch Tuesday fixed this issue. Anyone using windows 10 should update as soon as possible.

D-Link Backdoor

D-Link DIR-620 routers contains a backdoor account was discovered by Kaspersky Lab researchers. Firmware that was found to have the backdoor are 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22. D-Link have no plans to update the firmware due to the age of the router. If you have one of the DIR-620 I would not … Continue reading D-Link Backdoor →

Chili’s Restaurant Card Breach

Chili's reported that malware had breached its payment system and stolen credit card and debt card information. Breach happened between March to April 2018. Incident disclosure from Chili's

California DMV

Below information has been updated. Please refer to the latest write up. California DMV uses convergepay for credit card processing. I just ran a check of that site on SSL Labs to check the certificate and security and the grade was a C. This server is vulnerable to the POODLE attack. There is no support … Continue reading California DMV →

UPnP

Unless you know for sure that you are going to use UPnP (universal plug and play), always disable it on your router. With UPnP turned on your inviting every one to your router.

IDIOT

I Don't Internet of Things According to Darktrace, in 2017 a casino in North America was hacked and 10GB of high roller data was leaked. The hacker got into the casino network through a IOT device. The IOT device in question is the thermostat in the fish tank that's in the casino's lobby area. Always … Continue reading IDIOT →

To Bing or not to Bing

If you do a search in Bing for "chrome download" you will be presented with a link that will take you to a bad download site. The Chrome installer that you get from the bad site will have virus and malware. When downloading any software one should always go directly to the delevper's site.

Web Check

Three good sites that you can use to check any website to see how secure it is: SSL Labs can be used to check site certificate and provides a security grade. Virus Total can be used to check how clean a web site or a file is. Fake spot can be used to check how … Continue reading Web Check →

VPN

Not all VPN service providers are created equal. There are a few that were found recently to have IP leak and other issues. A researcher has put together a list of VPN that he tested here (list is incomplete due to limited funds). His article can be found here. Personally I use ProXPN, Tunnel Bear, … Continue reading VPN →

S	M	T	W	T	F	S
« Dec
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31