Cloud Computing

When your outsourced security vendor outsources it’s own security…and things ...

Verizon is trying to make itself out as a security firm…but they failed to ensure their own outsourced vendor had proper security policies and procedures in place: An Israeli technology company has exposed millions of Verizon customer records, ZDNet has learned. As many as 14 million records of subscribers who called the phone giant’s customer services in the past six months were found on an unprotected Amazon S3 storage server controlled by an employee of […]

Spectre and Meltdown. How Susceptible Are you?

There’s a ton of crap running around about these vulnerabilities.  This video talks about the vulnerabilities on a user level and gives some background on exactly where the problem lies and much you should worry.  A technical paper on this is upcoming.  This is only a basic overview so the non-techies out there can truly understand what is going on.

Damage Control Begins RE: Intel Hardware Bug

Intel is in full damage control mode about their hardware flaw….unfortunately they are trying to drag AMD down with them….however AMD is vulnerable only in its older CPU products.  Their latest product, XEN(or Ryzen) is not affected as of right now. This is an issue Intel created on its own…and the software development community went along for the ride for the sake of performance. Tomorrow…the full details should come out tomorrow..three CVE’s have already been […]

Is The Cloud About to Become Fog?

It very well could be. right now I am seeing signs about an embargoed(aka being kept secret) serious HARDWARE security problem RE: virtualization(aka the cloud) that affects Intel processors. The amount of software patching going on is massive and even open source software maintainers are keeping a lid on things. Eventually something will either leak or it will get disclosed. Get ready because it appears this could be something really big….I hope this is speculation […]

Amazon key(Based upon IOT) makes your house absolutely insecure

Amazon Key IMO is a bad idea.  The fact that it is based on IOT makes it worse.  The very concept of you give someone access to your house with no other controls…there’s a camera to watch them but a camera will not stop anyone from doing anything else..jsut record the video of them doing it. now a security vulnerability has been found in the “smart lock” that powers this “service”.  Malwarebytes does not mention […]

Post-Mortem on the Nationwide “Comcast Outage”

I started getting multiple calls about issues on Comcast this afternoon.  My initial research showed it was not an IP issue, however dns was not responding on the Comcast network.  Comcast has had DNS outages before.  I tested my network by switching to Google DNS servers and i had most…but not all…of my connectivity issues resolved.  I then saw weird routing problems showing..sometimes to Google and others.  I also noticed trying to get to some […]

Firewall IOT Properly..Yet Another 0-day for IOT

Yet another IOT security issue.  this one is actually a remote code exploit so once again a flaw allows IOT devices to get taken over Two things: Do not let IOT have access to your internal network.  It MUST be firewalled onto its own network. Do not allow IOT access to the Internet unless needed..and then you need to configure the firewall to only out communications on the ports it requires to function. Keep IOT […]

It’s Official. Windows365 is here. Windows Subscriptions are ...

When the “free upgrade” to Windows 10 started I felt like something didn’t smell right.  To quote the last paragraph of that 2015 post: In a way it is a stroke of genius.  How do drug dealers do things?  They give you free taste..get you hooked then drain you dry.  I am not saying I know this for sure but the pieces line up this way.  Unless Microsoft says otherwise that’s the stance I am […]

IOT= You Do Not Own Your Device

In the you do not own your IOT device dept comes a tale of IOT woe.  A IOT Garage Door opener has disabled a customer’s account due to a poor review and an admittedly toxic comment left by said client.  Now the client is effectively locked out of his garage until he can remove the device.  While this does not lock the individual out of the house keep in mind the day is coming when […]