The Dragon that Guards the Data: No Pet Names in Passwords!

Spoof emails can be convincing if they contain the right information. Further, how do you know whether you have actually been hacked? Here are some tips.
More than a decade ago I was called in to do some work on the computer used by an office receptionist. After hearing the explanation, I sat down for what would be a rather easy job. Moments later, the receptionist interrupted me and said, “I guess you’ll need my password.” Problem was, I was already…
There’s a new version of a common scam, one in which someone claims to be customer support for a major company. In this case, the ad falsely purports to be from Amazon and leads to a fake infection warning which claims to be from Windows Defender, and provides a phone number you can call for…
Details come from @BarracudaMSP (advisory). The key element is to carefully check incoming email, and never open an attachment if you have any uncertainty about its origin. Good security software is very helpful, but cannot save you from everything, especially if you execute it yourself. For my clients, let me note that you have the…
I use Imunify360 for my web servers, and this article from their blog provides some important lessons. Those who work regularly with resources in the cloud will understand the key recommendations. For other users, I want to underline and add to one recommendation. Backups! I have worked with two small companies that suffered ransomware attacks…
TechRepublic’s 10 Things blog has a pretty good rundown. I’ve recently had to explain the very basics of rootkits to an occasional curious customer.
(Note: Page author Henry Neufeld is compensated for sales made through links on this page.)