How Command and Control Servers Remain Resilient

Monday, September 14th, 2015

One of the ways that malware activity on a network is spotted is via the activity of their network activity. However, in many cases this can be difficult to detect: there have been incidents where command-and-control (C&C) servers were able to stay online and pose a problem for many years. ...

HowTo: Privacy & Security Conscious Browsing

Thursday, August 27th, 2015

The purpose of this document is to make recommendations on how to browse in a privacy and security conscious manner. This information is compiled from a number of sources, which are referenced throughout the document, as well as my own experiences with the described technologies. Source: https://gist.github.com/atcuno/3425484ac5cce5298932

Attackers can access Dropbox, Google Drive, OneDrive files without a user’s password

Thursday, August 6th, 2015

Hackers don't even need your password anymore to get access to your cloud data. Newly published research, released at the Black Hat conference in Las Vegas on Wednesday by security firm Imperva, shows how a "man-in-the-cloud" attack can grab cloud-based files -- as well as infecting users with malware -- without ...

Windows 10 Upgrade Spam Carries CTB-Locker Ransomware

Monday, August 3rd, 2015

In the week since a free upgrade to Windows 10 was made available, users have learned a of about a host of built-in privacy and security issues, the most troubling being a native feature called Wi-Fi Sense that grants access to your Wi-Fi network to contacts stored in a host of ...

Flash/HTML5 in Firefox

Friday, July 31st, 2015

I've been asked a lot lately about uninstalling Flash in Firefox and why users are still being served the Flash versions on Youtube, for example, and requiring them to install it before displaying the video.  I was asked again today and thought I would quickly post something about it. The easiest ...