Latest stories

Hands-on with ZeroTier SD-WAN for Cloud Connectivity

H

In this week’s episode of SecurityGuy, I’m sharing my screen for a hands-on look at how to use a ZeroTier SD-WAN to provide secure connectivity into an Amazon Web Services (AWS) Virtual Private Network (VPC). SD-WAN is much more flexible than traditional VPN, and while this example shows how to connect an AWS VPC to the SD-WAN for secure access, it can do a lot more, including secure...

Bill C-11 (Canada)

B

This week’s episode of SecurityGuy is about Canadian Bill C-11: An Act to enact the Consumer Privacy Protection Act and the Personal Information and Data Protection Tribunal Act and to make consequential and related amendments to other Acts. (Say that three times quickly!)

Multi-factor Authentication

M

This week’s episode of SecurityGuy is about Multi-Factor Authentication (MFA). Why do we need it? How should it work? What choices do developers have? And which MFA solution is best?

While I recommend Yubico’s YubiKey products, this video is not sponsored, nor do I have any relationship with the companies mentioned other than as a customer.

Malware

M

Protect yourself, your family, and your small business against malware including viruses, spyware, and ransomware. In this episode of SecurityGuy, I discuss common types of malware, how to avoid them, and most importantly, how to protect your data. Or, for those who prefer audio only, episodes are now live on Anchor.fm and most places you get your podcasts (still waiting on Apple). Disclosures:...

Cybersecurity 101

C

I’ve worked in cybersecurity for more than 25 years, dealing with issues that range from security governance and policy to product design and technical security issues. One of the challenges that my colleagues and I face is that few people have been taught the basics of cybersecurity, making security discussions more difficult than they need to be. Questions like, “Is this product...

Yet another domain renewal scam

Y

Updated 2021-02-25 with response from TrustedSite. Criminals will try almost anything to separate people from their money. Here is another example of another unsophisticated scam that some domain owners may, unfortunately, fall victim to.In summary, website owners may receive a message like this one through the contact form on their site. I have redacted the domain name and removed hyperlinks so...

Florida water plant hack

F

There are only two things that surprise me about this: First, we found out about it. It’s refreshing to see a municipal government coming clean (excuse the pun) about their water plant being hacked, Second, the attacker’s motivation appears to have been to injure people. Normally these days we would expect ransomware, but this criminal was intent on harming residents. This article...

Follow me!

Posts