Zimmer And Associates

Skype not as private as you thought

Bryan — Tue, 21 May 2013 15:02:06 +0000

The expectation from many users is that Skype conversations are private because they’re encrypted. This article shows that’s not the case, as Microsoft is able to examine at least some (or maybe all) of the content.

http://gizmodo.com/psa-your-skype-messages-arent-as-private-as-you-think-509012101

Botnet attacks against WordPress

Bryan — Sun, 14 Apr 2013 17:31:30 +0000

Attackers are directing botnets at WordPress sites, trying to guess their admin passwords. I recommend not using “admin” as your administrator name, making sure you have very strong passwords, and use the Limit Login Attempts plugin.

http://techcrunch.com/2013/04/12/hackers-point-large-botnet-at-wordpress-sites-to-steal-admin-passwords-and-gain-server-access/

http://wordpress.org/extend/plugins/limit-login-attempts/

Security cameras vulnerable to attack

Bryan — Sat, 09 Feb 2013 04:30:43 +0000

A large number of security cameras are vulnerable to an attack that allows unauthorized users to take control over them. If your cameras are behind a firewall or you don’t mind unauthorized people watching your cameras this isn’t as big a deal for you, but still something to be aware of.

http://www.forbes.com/sites/andygreenberg/2013/01/28/more-than-a-dozen-brands-of-security-camera-systems-vulnerable-to-hacker-hijacking/

How to quickly find out where a bit.ly link goes

Bryan — Wed, 30 Jan 2013 21:46:49 +0000

Has someone sent you a bit.ly link that you suspect might be malicious, or do you just want to know where it goes before you click on it? Add a “+” to the end of the link and you’ll pull up an info page, then if it looks ok you can click on though.

Suspicious?

http://bit.ly/qPtLPW

Let’s find out.
http://bit.ly/qPtLPW+

Ruby On Rails security vulnerabilities

Bryan — Wed, 09 Jan 2013 03:54:40 +0000

Do you use Ruby On Rails and the Action Pack framework? You should update your applications immediately. Significant vulnerabilities have been found, allowing theft of sensitive data, administrator access, and denial of service.

http://www.kb.cert.org/vuls/id/380039

Legal issues in The Cloud

Bryan — Thu, 06 Dec 2012 23:14:39 +0000

Here’s a good overview article for businesses considering moving their data to The Cloud, especially sensitive data with HIPAA and PCI requirements. Essentially your lawyer is your new best friend. Most of the Cloud providers’ contracts prevent you from holding them responsible if anything bad happens to your data, but your lawyer can change the equation in your favor by modifying the contract. Page 2 has some good starter Due Diligence questions to ask when you’re considering a move to The Cloud.

http://www.computerworld.com/s/article/9234134/Legal_concerns_curb_corporate_cloud_adoption

Social Network Safety Tips

Bryan — Fri, 09 Nov 2012 05:35:10 +0000

Here’s a decent article from Microsoft on Social Network Safety. It covers things like being aware of how what you post could be used against you, not letting apps access your address book, using social networks at work, and talking to your kids about protecting themselves. For experienced techies it’s worth a quick read to refresh your memory, for everyone else it’s a good article you might want to forward to your friends and family.

http://www.microsoft.com/security/online-privacy/social-networking.aspx?sf4883013=1

Most common passwords of 2012

Bryan — Wed, 24 Oct 2012 04:40:57 +0000

Here are the most common passwords of 2012. If you use one of these you should feel a little guilty (and very worried about the security of your data), and immediately change your password. Note: Adding “1″ at the end of your password doesn’t fool anyone.

The passwords and their position change from 2011:

1. password (Unchanged)
2. 123456 (Unchanged)
3. 12345678 (Unchanged)
4. abc123 (Up 1)
5. qwerty (Down 1)
6. monkey (Unchanged)
7. letmein (Up 1)
8. dragon (Up 2)
9. 111111 (Up 3)
10. baseball (Up 1)
11. iloveyou (Up 2)
12. trustno1 (Down 3)
13. 1234567 (Down 6)
14. sunshine (Up 1)
15. master (Down 1)
16. 123123 (Up 4)
17. welcome (New)
18. shadow (Up 1)
19. ashley (Down 3)
20. football (Up 5)
21. jesus (New)
22. michael (Up 2)
23. ninja (New)
24. mustang (New)
25. password1 (New)

http://www.prweb.com/releases/2012/10/prweb10046001.htm

Small business security breach infographic

Bryan — Thu, 16 Aug 2012 14:27:44 +0000

Here’s an interesting infographic showing statistics on small businesses security breaches. The majority of security breaches last year were in companies with less than 100 employees. Naturally, a large number of small businesses think they’re too small to be targeted by attackers.

http://25.media.tumblr.com/tumblr_m6p4vvgOJl1qhmvhmo1_1280.png?sf5498053=1

Yahoo accounts hacked, change your password.

Bryan — Thu, 12 Jul 2012 14:42:15 +0000

Details are thin since this was just announced, but 450,000 Yahoo accounts have had their passwords revealed. If you have a Yahoo account you’ll want to change your password immediately.

http://arstechnica.com/security/2012/07/yahoo-service-hacked/