Looking at the phishing email I received the other day telling me that my PayPal account had been suspended the next step in my investigation is to determine how it reached my inbox. There are many good resources available that describe manual email header analysis. To start out take a look at this article at … Continue reading Examining PayPal Phishing Email Headers
I received a really authentic looking email message today telling me that my PayPal account had been suspended. Only problem was that he email address the message was sent to doesn't actually have a PayPal account associated with it. But given the effort that must have been taken to undertake this campaign I thought I'd … Continue reading PayPal Phishing…
Many would consider me an Internet old timer. I used 'The Internet'; then ARPAnet back in the days when I worked as a Software Engineer for a US defense contractor. Securing communications and having confidence in message integrity; both in the identity of the sender and in the integrity in the content have always been … Continue reading The State of Internet Privacy? In Shambles. Moving on.
Thoughts about an interesting article that appeared in today's New York Times about the use of cellphone numbers.
Over the past two weeks I've noticed that on my iMac 1Password and Chrome have not been playing nice together. When i try to use 1Password to fill in passwords in Chrome I'm seeing the message “code signature could not be verified” pop-up. In typical 1Password fashion the message includes a link to the troubleshooting … Continue reading 1Password & Chrome on the Mac: “code signature could not be verified”
It wasn't just me. The folks at Wired have noticed that some web sites are not really very password manager friendly. I travel fairly often. Lots of that travel is for work but I do get around on personal business and to get away. One of my go to sites for travel is Hilton dot … Continue reading Websites Intentionally Disabling Password Managers
After reading Thomas' article on re-evaluating the safety of Mac OS/X last week I finally managed to bring most of my Apple equipment up to current. I checked all the network devices and updated most of those. My Windows machines are all current. I do have that one Mac that won't run a current OS. … Continue reading Good References on Securing Mac OS/X
While many folks enjoy the iPhone and all of the apps that are available for the device from iTunes or Apple's App Store; there are people out there who want to do more. The only way to run software on your iPhone that isn't available from iTunes is to run another operating system other than … Continue reading Another reason NOT to jailbreak your IOS device!
Five years ago I made a decision to move from PasswordSafe to AgileBits 1Password. As someone in the security field I've always tried to practice what I preach and using different passwords for different sites and cycling passwords (changing passwords every N months) is important. I looked at a number of different password management solutions. … Continue reading Password Managers & Escrow
I read an excellent article by Nate Anderson in Ars Technica, "How the FBI found Miss Teen USA’s webcam spy" about how they broke the recent Miss USA 'sextortion' case. It got me thinking about how many of my friend and colleagues become temporary IT support personnel at the end or the year trying to … Continue reading Remote Access Tool Misuse & Familial IT Support