Data protection for humans. What are the basics (and how can you protect your data with stuff you already have)?

I recently had a conversation about data protection, specifically protecting the confidentiality and integrity of sensitive data.  Over the course of that conversation, realized that there is a LOT of confusion on the topic. How do we protect data? When does the data have to be protected? What constitutes protected?  Ultimately, we discovered that the […]

Cyber Attack on the City of Atlanta – A stark reminder of the need for and importance of ethical hacking

Thursday morning (22 March, 2018), the City of Atlanta’s computer systems fell victim to what’s being called a ‘cyber attack’. According to the information that we’ve seen thus far, the attack is apparently a ransomware attack demanding payment in exchange for the decryption keys to unlock the affected data. According to news articles, local, state […]

Vecrypt v1.19 released and fixes multiple low, medium and critical risk vulnerabilities

The open-source encryption software and successor to Truecrypt Veracrypt has been updated to v1.19 to address vulnerabilities discovered in a recently completed code audit. The update addresses all critical, medium and low-risk vulnerabilities and workarounds have been provided for those vulnerabilities not yet addressed.  The audit was completed against Veracrypt v1.18 and was completed on […]

Quick OpEd on MIT anonymizing network Riffle

Researchers at MIT have recently released a whitepaper detailing Riffle, “An Efficient Communication System With Strong Anonymity” that was quickly picked up by a number of news outlets including ThreatPost.  There’s plenty of details in the PDF and linked articles but, for the TL;DR crowd, a couple of things stand out that I think are […]

Teslacrypt closes shop, releases master decryption key

In a bit of an odd announcement, the group behind the Teslacrypt ransomware has apparently closed up shop and posted a note on their website saying “We are sorry!” and including the master key for decryption.  According to this article from ThreatPost, preliminary tests indicate that the key is legitimate and is able to decrypt […]