On October 2nd, the Google security blog announced several vulnerabilities in a piece of software called DNSMasq, which offers DNS forwarding and DHCP services for small computer networks. Days before, IT Briefcase published an article I wrote about indicators of compromise in DNS logs. The article explains that an exploited DNS server may offer the […] Read More – DNSMasq Vulnerabilities Affect Network Devices, Microservices, and More Read more “DNSMasq Vulnerabilities Affect Network Devices, Microservices, and More”

If you own a business, you probably know that delivering dependable Wi-Fi is an essential service for customers, especially considering most people carry at least one Wi-Fi enabled device at all times. But, if security parameters are not set and networks are not properly monitored, you could be exposing your business and your customers to […] Read More – How to Eliminate These 5 Critical Wi-Fi Mistakes Read more “How to Eliminate These 5 Critical Wi-Fi Mistakes”

Using social media at work is acceptable in most offices, and is critical to some people’s jobs. But, with people actively posting, reading and connecting during business hours, what network security risks does this create? WatchGuard‘s Information Security Threat Analyst, Marc Laliberte, recently offered his perspective ?in a Dark Reading article. Read more “What 6 Social Media Habits Put Your Business At Risk?”

According to Google’s new Transparency Report, secure web traffic or?HTTPS uptake is on the rise, making the web a lot more secure than it was a year ago. In general, this is great news for everyone, as HTTPS both encrypts our web traffic and helps validate the legitimacy of the domains we visit, keeping our […] Read More – Despite Rising HTTPS Adoption, Vulnerabilities Still Exist Read more “Despite Rising HTTPS Adoption, Vulnerabilities Still Exist”

In general, security experts like me are against sharing passwords, even among family and friends.?Sure, we can all think of cases where sharing passwords with family might be useful, but why not just setup privileged accounts for those family members? Read more “Password Sharing Illegal? – Daily Security Byte EP. 288”

University researchers have shown how you can use the various tracking sensors in wearable devices to recover keypad passwords of their owners. Read more “Fitbits Hack ATMs? – Daily Security Byte EP. 286”

The Unified Extensible Firmware Interface (UEFI) is the new type of firmware that replaces Basic Input/Output System (BIOS) ?firmware on PCs. Among other new features, UEFI supports security mechanisms like Secure Boot for Windows. Unfortunately, a researcher found a flaw in Lenovo’s UEFI that could allow attackers to bypass this mechanism. Read more “ThinkPwn: UEFI Vulnerability – Daily Security Byte EP. 283”

A new double phishing scam is targeting ISPs and pirates. Watch Friday’s video to learn how attackers are tricking ISPs into making their phishing emails look even more legitimate.? (Episode Runtime: 3:33 Direct YouTube Link:? https://www.youtube.com/watch?v=QDY7pRvJ4Bc EPISODE REFERENCES: Piracy double extortion scam ?–? BGR Piracy phishing scam targets ISPs –? Torrent Freak —? Corey Nachreiner, CISSP ?( @SecAdept ) Read more “Double Phishing Scam – Daily Security Byte EP. 279”

Security nerds, like me, often advise you to tape up your webcam when you’re not using it. However, many people think this is too paranoid. “Who’s going to spy on my computer,” they ask? Read more “Tape Your Webcam – Daily Security Byte EP. 277”