Monday, May 21, 2012

Security mindset

Interesting article about the mindset of security practitioners - thanks to Bruce Schneier for highlighting this one.

Tuesday, May 15, 2012

Surveillance cameras

A report from Wired's excellent Threat Level blog on research into the security of cameras used for CCTV, surveillance, security purposes. It seems many of them are by default enabled to allow access from the internet, and also by default use weak, well known passwords. That's a bad combination.

Password questions

A report from CNET about the compromise of thousands (the exact number of accounts compromised seems to be disputed, but seems to be over 20,000) of twitter account credentials.

If your account is affected you should've already been notified and should follow the instructions. If you're not directly affected, now might be a good time to revisit your password for twitter and other online services and ask yourself some questions:

1. Am I using the same password for multiple services?
2. Could someone who knows me (or who can find me online) easily guess the password I'm using?
3. Is the password strong (letters, numbers and ideally special characters)?

Tuesday, May 1, 2012

Backdoor in industrial control system

With all of the recent focus on SCADA vulnerabilities and critical infrastructure protection, how does something like this happen?? RuggedCom appears to have been totally dismissive of the fundamental vulnerability reported to them.
RuggedCom was bought by Siemens in March 2012.