Welcome to Trumpistan.
Posts by EJ
242 publicly visible posts • joined 9 Jul 2007
Cops raid home of ousted data scientist who created her own Florida COVID-19 dashboard
Days before the US election, phishers net $2.3m from Wisconsin Republicans
Top doctors slam Google for not backing up incredible claims of super-human cancer-spotting AI
FCC accused of colluding with Big Cable to game 5G legal challenge
Stalk my pals on social media and you'll know that the next words out of my mouth will be banana hammock
Oracle boss's Brexit Britain trip shutdown due to US government shutdown
My 2019 resolution? Not to buy any of THIS rubbish
Monday 7th January 2019 21:29 GMT
Re: Hospitality sector had it coming
Booking.com buried my bed bug horror story about the small motel where I experienced enough discomfort to seek medical treatment (photos of my neck and arms still make me itch). TripAdvisor.com did not.
Guess which one I recommend folks use for researching their stays?
What happens when a Royal Navy warship sees a NATO task force headed straight for it? A crash course in Morse
Your two-minute infosec roundup: Drone arrests, Alexa bot hack, Windows zero-day, and more
Uncle Sam fingers two Chinese men for hacking tech, aerospace, defense biz on behalf of Beijing
A few reasons why cops didn't immediately shoot down London Gatwick airport drone menace
US told to appoint a damn Privacy Shield ombudsperson already or EU will take action
American bloke hauls US govt into court after border cops 'cuffed him, demanded he unlock his phone at airport'
You're legit and you know you are... Thanks to chanting racist footie fans, linking to dodgy stuff isn't necessarily illegal (well, in Europe)
He's not cracked RSA-1024 encryption, he's a very naughty Belarusian ransomware middleman
Customers baffled as Citrix forces password changes for document-slinging Sharefile outfit
Tuesday 4th December 2018 16:54 GMT
On the bright side
Nearly every user who received one at my company reported it as a potential phishing attack. Even our security team was confused by the message when we evaluated it (suspicious content but legit links). Wasn't until we saw a Twitter conversation by ShareFile claiming they were legit before we finally gave the thumbs up on performing the password resets.
Wanna save yourself against NotPetya? Try this one little Windows tweak
Q: If Pesky Pepper had a peek at patient papers, at how many patient papers did Pesky Pepper peek? A: 231
Wow. Apple's only gone and killed off Mac, iPad, iPhone family... figures for units sold to fans
Bomb squad descends on suspicious package to find something much more dangerous – a Journey cassette
This one weird trick turns your Google Home Hub into a doorstop
Sorry friends, I'm afraid I just can't quite afford the Bitcoin to stop that vid from leaking everywhere
You patch my back(up) and I'll patch yours... Arcserve bugs burrow remotely exploited holes in UDP storage systems
Equifax exec's inside trade shame: Software boss sentenced for mega-hack stock profit
Mozilla grants distrusted Symantec certs a stay of execution, claims many sites yet to make switch
Why are sat-nav walking directions always so hopeless?
Sunny Cali goes ballistic, this ransomware is atrocious. Even our IT bill will be something quite ferocious
Friday 28th September 2018 12:52 GMT
From the SD Tribune story:
"The Port of San Diego said Wednesday it is investigating a highly sophisticated cybersecurity threat to its technology systems that is currently affecting the public agency’s ability to process park permits and records requests, and perform other business services."
... "highly sophisticated cybersecurity threat"... sounds much better than "some plonk clicked on a link/attachment that they shouldn't have".
NSA dev in the clink for 5.5 years after letting Kaspersky, allegedly Russia slurp US exploits
Ooof! Cisco Webex has been down for 7 hours – and counting
Virus screener goes down, Intel patches more chips, Pegasus government spying code spreads across globe
Couldn't give a fsck about patching? Well, that's your WordPress website pwned, then
Monday 24th September 2018 14:43 GMT
How hard can it be to keep patched?
Newer versions of WP simply update themselves, and as far us plug-in updates I get an email notification when a plug-in needs updating, and that's simply logging into the site, clicking 'Updates', and then checking the box for the plugins to update. A minute later, it's all updated. Total time spent updating the site? Literally less than 2 minutes.
Check out this link! It's not like it'll crash your iPhone or anything (Hint: Of course it will)
Princely five years in US big house for Nigerian biz email scammer
Trend Micro tools tossed from Apple's Mac App Store after spewing fans' browser histories
Tuesday 11th September 2018 17:48 GMT
Re: 1 - 2 - 3 - Not it!
I know no one is reading the EULAs for anything because if you did, you wouldn't consent to most of them. Our Procurement department is now going over EULAs with a fine-tooth comb. Purchases that used to take 60-90 days from selection to product-on-site are now taking upwards of a year, if the vendor agrees to negotiations in the first place. I'm still waiting to hear how they made out with negotiations with Fydor, who they told me they were going to contact to hammer out an agreement. "Fine," I said, "but while you're doing that we're going to go ahead and use his Nmap product anyway."
Feel the shame: Email-scammed staffers aren't telling bosses about it
Welcome! Mimecast finds interesting door policies on email filters
If you have to simulate a phishing attack on your org, at least try to get something useful from it
No, eight characters, some capital letters and numbers is not a good password policy
Microsoft: We busted Russian Fancy Bear disinfo websites
SentinelOne makes YouTube delete Bsides vid 'cuz it didn't like the way bugs were reported
India's Cosmos bank raided for $13m by hackers
Thursday 16th August 2018 20:19 GMT
More than banks get those FBI
"a confidential alert sent from the FBI to US banks" - it's sent to more than just banks because I got it, too, and we're not a bank. It was from an FBI-issued PIN (Private Industry Notification, # 20180809-001) and was marked "TLP: AMBER" (Traffic Light Protocol), meaning it can be shared among others in your peer and partner organizations.
Biting the hand that feeds IT
