Resetting the Passwords for CIA Director John Brennan and Homeland Security Secretary Jeh Johnson

Posted on October 26, 2015 by Carmelo

Posted in Security Blog | Tagged , , , , , , , , | Comments Off on Resetting the Passwords for CIA Director John Brennan and Homeland Security Secretary Jeh Johnson

I’ve been playing with Sway

Posted on October 25, 2015 by Carmelo | Comments Off on Weekend of Fun

Your Evolving Digital Life

Posted on October 19, 2015 by Carmelo

Click the graphic to learn more about NCSAM!

NCSAM_Week4

Posted in Security Blog | Tagged , , , , , | Comments Off on Your Evolving Digital Life

USB Killer… 2.0!

Posted on October 14, 2015 by Carmelo

Do you remember, back in March, when I wrote about using a USB key that could fry a computer and actually make it catch on fire?

Well, it’s been improved upon, version 2.0 was created. It works super fast as you can see in the 5 second mark in the video below, he plugs in the USB device, about 2 seconds later the motherboard is fried.

It’s assumed that this will be for sale or instructions put out on how to make it yourself. Sounds scary right? Realistically, there will be only handfuls out in the world as production to make these would take a lot of time. The common person would also not be able to just build a USB killer, even if they had all the parts.

Posted in Security Blog | Tagged , , , , , , , , | Comments Off on USB Killer… 2.0!

Damien Has a Job!

Posted on October 9, 2015 by Carmelo

Here is Damien after his, technically, first day of work! Mostly orientation. He’s just getting home after a short 4 hour shift.
20151006_035922223_iOS

I’m so proud of him!

Posted in life | Comments Off on Damien Has a Job!

Telemarketer Payback with Social Engineering

Posted on October 7, 2015 by Carmelo

Social engineering is a very useful skill to have. But please use your powers with the highest level of ethics.
See image below.

telemarketer payback with social engineering

Posted in Security Blog | Tagged , , , | Comments Off on Telemarketer Payback with Social Engineering

Happy Two-Factor Tuesday!!!

Posted on October 6, 2015 by Carmelo

Check out some of my awesome posts on enabling Two-Factor

What is Two-Factor? It’s something you know… like a password… and something you have, like an token generator or smartphone! That doesn’t mean have an easy to guess password though! You should still have a complex password and if you use your smartphone to generate tokens, your phone should have a PIN or Password as well! It should also temporarily lock for a period of time if the wrong PIN or password is entered. This drastically reduces the likelihood of the risk of someone logging in as you.

Sometimes they call it Two-Step! It’s almost the same thing and just as secure!

Here are some services that offer two-step.

Enable Two-Factor Today!

Posted in Security Blog | Tagged , , , , , , , | Comments Off on Happy Two-Factor Tuesday!!!

Revisiting Home Depot

Posted on October 5, 2015 by Carmelo

Remember last September? It’s been just over a year since the Home Depot data breach. So far, the breach has cost Home Depot around $232 million and it’s expected to go into the BILLIONS as lawsuits get filed by smaller community banks and credit unions, who were hit hard with the aftershocks.

These lawsuits accuse Home Depot of ignoring warnings from security experts that its computer systems were vulnerable to attack, prior to the theft of approximately 56 million sets of credit and debit card data.

Home Depot did have cyber liability insurance, but only $100 million of the breach was covered.

Read more here at the Insurance Business of America website.

Posted in Security Blog | Tagged , , , , | Comments Off on Revisiting Home Depot

Scottrade Breach

Posted on October 5, 2015 by Carmelo

“Cybercriminals had unauthorized access to our network for a period of several months between late 2013 and early 2014”

According to a Cyber Security Alert page on Scottrade, Federal investigators found indicators that prove Scottrade’s network and systems was used. Further investigation by a security third party found that the network was used to steal customer information on 4.6 million Scottrade clients.

scottradeUpdate
Damage to the Company
As you can see, no financial information was taken… Does that matter though anymore? It’s a reputational hit to the company, there are resources put forward and a recovery cost to it.

Potential Damage to the Customer
Most likely, the customer information will be validated across social media sites, who would like the Scottrade Facebook page other than a client? I predict some crafty social engineering in the woodworks!

Scottrade is offering identity theft protection and a way to report phishing emails.

Posted in Security Blog | Tagged , , , , , , , , , | Comments Off on Scottrade Breach

National Cyber Security Awareness Month Weeks 1 & 2

Posted on October 4, 2015 by Carmelo

I’m on a mission to increase my Continuing Professional Education (CPE) credits and what better way than promote National Cyber Security Awareness Month?

Just like I’ve been posting, October is National Cyber Security Awareness Month. Here are two videos I’ve made. You can hear through them, Darla, snoring away while I try to seriously present. <Sigh!> What am I going to do with her?

Best Practices For All Digital Citizens

Creating a Culture of CyberSecurity at Work

Watch them, make fun of them if you want, share them. We all benefit from a safer Internet though :)

Also, check out my free resource company for Enterprise Security Awareness here. It’s not as dumb as the CarmeloWalsh.com site.

Posted in Security Blog | Tagged , , , , | Comments Off on National Cyber Security Awareness Month Weeks 1 & 2