Security

Fortinet Problems with SSL VPN which was fixed in May. Use IPSec VPN and set firewall and other security devices to auto-update. More info here

WPAD is an old method Windows uses to automatically configure a proxy server in a corporate environment. Recently it has been exploited to spy on traffic in-flight, it can bypass…

NewEgg has Protectli hardware $250ca, fanless, 4x Gig eth ports, 0 Ram, 0 HDD. USB Wifi is an option. May have a free m.2 socket onboard. https://www.newegg.ca/p/2DS-001U-00002?Description=2%20nics&cm_re=2_nics–9SIA6XD5UV1629–Product Pfsense does sell…

Just a reminder that Windows 7 extended support ends January 2020. Micro$oft will not make software updates after that date. It will quickly accumulate security holes and every bad guy…

Armis has discovered 11 security vulnerabilities in VxWorks real-time operating system TCP stack. VxWorks powers many IoT devices as it requires minimal hardware but it also is the base for…

As Ransomware become more prevalent, Insurance companies will add more requirements and stipulations for payout. If your company didn’t have the mitigations in place that they promised, there will be…

Here I explore some alternatives to Insecure social media. Social media makes their money from selling your browsing history and brand preferences. Some counties have restrictions that personal data needs…

Some Simple Security Tests to get Small Businesses started Thycotic Weak Password finder; tests for LanMan, Weak hashes etc. and shows which of those accounts have Administrator privilege. https://thycotic.com/solutions/free-it-tools/weak-password-finder/ Wireshark…

It’s Tricky Tricking people is much easier than actual hacking, security professionals like to call this Social Engineering. Their best trick is to convince websites or companies to reset your…

Article DNS security filtering Quad9 is a free offering from an IBM led group of security organizations. OpenDNS made this type of service popular and Quad9 builds on that by…