Smashing Security #061: Fallout over Hawaii missile false alarm PODCAST

Smashing Security #061: Fallout over Hawaii missile false alarm

User interfaces and poor procedures lead to pandemonium in Hawaii, hackers are attempting to trick victims into opening cryptocurrency-related email attachments, and yet more pox-ridden apps are found in Android's Google Play store.

All this and much much more is discussed in latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin.

Read more...
Hawaii's missile alert agency keeps its password on a Post-it note

Hawaii's missile alert agency keeps its password on a Post-it note

Last Saturday the people of Hawaii received a terrifying alert about a ballistic missile heading its way. Thankfully, the alert turned out to have been sent in error by the Hawaii Emergency Management Agency.

Now evidence has come to light that some of the organisation's staff might be in the habit of sticking Post-it notes containing passwords onto their computer monitors.

Read more in my article on the Hot for Security blog.

Read more...
Get trending info on hackers, exploits, and vulnerabilities every day for FREE with the Recorded Future Cyber Daily [Sponsor] SPONSOR

Get FREE threat intelligence on hackers and exploits with the Recorded Future Cyber Daily

Many thanks to the great folks at Recorded Future, who have sponsored my writing for the last week.

Recorded Future provides deep, detailed insight into emerging threats by automatically collecting, analyzing, and organizing billions of data points from the Web.

And now, with its FREE Cyber Daily email all IT security professionals can access information about the top trending threat indicators - helping you use threat intelligence to help make better decisions quickly and easily.

Which means that you will be able to benefit from a daily update of the following:

  • Information Security Headlines: Top trending news stories.
  • Top Targeted Industries: Companies targeted by cyber attacks, grouped by their industries.
  • Top Hackers: Organizations and people recognized as hackers by Recorded Future.
  • Top Exploited Vulnerabilities: Identified vulnerabilities with language indicating malcode activity. These language indicators range from security research ("reverse engineering," "proof of concept") to malicious exploitation ("exploited in the wild," "weaponized").
  • Top Vulnerabilities: Identified vulnerabilities that generated significant amounts of event reporting, useful for general vulnerability management.

Infosec professionals agree that the Cyber Daily is an essential tool:

"I look forward to the Cyber Daily update email every morning to start my day. It's timely and exact, with a quick overview of emerging threats and vulnerabilities. For organizations looking to strengthen their security program with threat intelligence, Recorded Future’s Cyber Daily is the perfect first step that helps to prioritize security actions." - Tom Doyle, CIO at EBI Consulting.

So, what are you waiting for?

Sign up for the Cyber Daily today, and starting tomorrow you'll receive the top trending threat indicators.


If you’re interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here.

Read more...
Smashing Security #060: Meltdown, Spectre, and personal devices in the White House PODCAST

Smashing Security #060: Meltdown, Spectre, and personal devices in the White House

The chips are down, as tech companies struggle to protect against the Meltdown and Spectre flaws. The White House is getting tough on leakers by banning personal devices from the West Wing. And someone has been embedding a Bitcoin wallet into their hand...

All this and much much more is discussed in latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by David McClelland.

Read more...