CryptoWall, Redux

August 12, 2014 by Marc Handelman in All is Information, Malware, Information Security, Blatant Stupidity

Do you need further proof that advertising is intrinsically evil? I'll wager not, especially in the case of the obviously idiotically managed, and therefore open-to-exploitation Yahoo Ad Network. It's one exploit after another for these poor fools... Profoundly and Blatantly Stupid.

'In January, for instance, Fox IT reported that visitors to Yahoo’s website were bombarded with malicious adverts that attempted to infect computers with a wide array of financially-motivated malware. Later in the same month, there were claims made that Bitcoin-mining malware had been spread via Yahoo ads...' via Graham Cluely

Pwnd

August 11, 2014 by Marc Handelman in SSL / TLS, Intelligence, Network Security, Blatant Stupidity, Malware, Physical Security, All is Information, DevOps, Cryptography, Security Prophylaxis, Sarcasm, Humor, Information Security

Today's BlackHat Las Vegas 2014 news brings the annual security confabs' bestowment of the Pownie awards; so, without further ado, examine Sophos' take on the award. So apropos.

EFF, SPOTM

August 08, 2014 by Marc Handelman in All is Information, Blatant Stupidity

Fascinating new web series, detailing the idiocy wrapped around patents, and produced by the inimitable EFF. Todays' Must Read.

Internet of Untrusted Things...

July 17, 2014 by Marc Handelman in All is Information, Blatant Stupidity, Data Security, Demise of Privacy, Sarcasm, Research, Network Security

via the superlative journalism of Dan Goodin at ArsTechnica, comes the sad tale of flawed light bulbs; in which, the internet of things are coupled to, evidently, the interweb-of-less-than-secure-objects-with-little-need-to-be-on-the-internet-in-the-first-place.

Get Safe Online, Abject Failure

June 12, 2014 by Marc Handelman in Blatant Stupidity, Data Security, Information Security

Another superb screed, by way of ArsTechnica's editor-in-chief Dan Goodin, details the terrible failure of the educational site monikered 'Get Safe Online' (ostensibly a password checking facility). Interestingly, when performing checks on user supplied passwords, the geniuses at Get Safe Online also manage to convey those credentials in address URLs, whence the ubiquitous miscreant can abscond with same. Astonishing...

Nequissimus Cogitatio

June 04, 2014 by Marc Handelman in Blatant Stupidity, Data Security, Information Security, Sarcasm

Apparently, adding that extra key in the Microsoft Corporation (Nasdaq: MSFT) Windows XP registry does not provision security prophylaxis...

Locked Life

May 21, 2014 by Marc Handelman in Web Security, Security, Information Security, Data Security, Application Security, Blatant Stupidity

Via the erudite Dan Goodin at ArsTechnica comes the latest litany of ne'er do well personal privacy company LifeLock. Consisting, if you will, of the latest foul-up at the embattled firm, Mr. Goodins' screed has succeeded in the task assigned:

An excoriation of the ham-handedness in situ at LifeLock; describing in luxurious & excruciating detail the sorrowful tale of blatant incompetence rampant at the company. Simply, astonishing.