> If you manage a high-value Twitter account, consider creating a second, "burner" account. After enabling multifactor authentication on the high-value account, add the...
http://www.securityforrealpeople.com/2018/12/a-band-aid-for-twitters-horribly-broken.html
Ever wondered what is the most challenging aspect to security? It's not understanding the evolving threats and actors. Certainly those are important, but people smarter than me do a fine job of t...
http://www.securityforrealpeople.com/2018/12/the-most-challenging-aspect-of-security.html
February 10, 2019: Since writing the below post, I've learned of a technique that is used to get around Instagram's obscuring unsolicited direct messages. Instagram in general will blur DM'ed...
http://www.securityforrealpeople.com/2018/08/on-teaching-kids-to-make-good-security.html
A quick read for a Monday night. Last week while investigating some noisy events in my security monitoring system, I noticed two competing Windows features filling up event logs: link-local mul...
http://www.securityforrealpeople.com/2018/02/using-malwares-own-behavior-against-it.html
The following may be disturbing to readers, but I feel it is important to write for several reasons. The first is, to stay a step ahead of cyberbullies that could use this technology to humiliat...
http://www.securityforrealpeople.com/2018/01/seeing-isnt-believing-rise-of-fake-porn.html
Time for a short Friday afternoon social engineering discussion. If you work in HR / finance / benefits, you'll want to stick with me. It's January, the beginning of tax season in the US (a...
http://www.securityforrealpeople.com/2018/01/its-w2-scam-season.html
TL;DR: Chrome has a nifty undocumented trick that makes proxying so much more useful when testing sites using HSTS or pinned certs: where the security warning screen doesn't give you an option t...
http://www.securityforrealpeople.com/2017/12/a-handy-trick-for-proxying-hsts-sites.html
Professional social engineer and open source intelligence expert Stephanie "@_sn0ww" Carruthers makes a living out of (mis)using what people and companies share publicly, so when she talks I l...
http://www.securityforrealpeople.com/2017/11/private-data-in-public-places.html
Now that post-Thanksgiving shopping is in full swing, here's a brief tip for those purchasing Amazon gadgets as Christmas gifts: if you are giving an Amazon Device to someone outside your ho...
http://www.securityforrealpeople.com/2017/11/be-sure-to-deregister-amazon-devices.html
In 20 years of systems administration and incident response, there are a handful of tools I find myself coming back to over and over again. Naturally, the SysInternals suite is on the list, along...
http://www.securityforrealpeople.com/2017/11/ir-toolkit.html
UPDATED 20 OCTOBER: Added a note regarding enabling full command line logging for process creation events; added a note clarifying that "Creator Process Name" is only recorded in Windows 10 and ...
http://www.securityforrealpeople.com/2017/10/exploiting-office-native-functionality.html
Yahoo! accounts have very different security options depending on their origin. Unless you've been living under a rock, you know by now that Yahoo! suffered a massive data breach in 2013. The n...
http://www.securityforrealpeople.com/2017/10/enable-two-factor-on-your-yahoo-account.html
This is one of a few Security for Real People blog posts routinely updated once or twice a year, to offer up-to-date advice to consumers and small businesses as threats evolve over time. The rece...
http://www.securityforrealpeople.com/2017/10/seven-steps-to-minimize-your-risk-of.html
Two years ago, a friend piqued my curiosity with a question about an iPhone / iPad app teenagers were using to hide content from nosy peers (and parents). This person wondered whether the app was...
http://www.securityforrealpeople.com/2017/09/incremental-wins-ios11-strengthens-idea.html
If you downloaded "CCleaner" software from antivirus company Avast between August 15 and September 12, you have a problem. Cisco's Talos threat research group discovered that company's software d...
http://www.securityforrealpeople.com/2017/09/avast-download-site-compromised-to-host.html
If you are looking for a seasoned infosec architect with red team skills, or know someone that is, take a few seconds to read on. I am currently in Austin, Texas, but could be talked into reloca...
http://www.securityforrealpeople.com/2017/09/a-change-of-scenery-for-this-security.html
Updated to add a link to Equifax's official incident response website, https://www.equifaxsecurity2017.com/. Fake sites and phishing email are already appearing, by criminals attempting to dec...
http://www.securityforrealpeople.com/2017/09/equifax-breach-exposes-143-million-to.html
(Image: Gulf of Mexico radar image August 24, credit NOAA.) UPDATE 30 AUGUST 2017: the Federal Trade Commission is reporting scam robocalls telling victims their flood insurance premiums are past due, ...
http://www.securityforrealpeople.com/2017/08/in-wake-of-hurricane-harvey-be-alert.html
Heads-up: there's another ransomware worm making the rounds. Initially thought to be a variant of the Petya ransomware family, it was later determined to be something entirely different, and h...
http://www.securityforrealpeople.com/2017/06/to-patchnya-or-not-to-patchnya.html
This is going to hurt home users with Samba shares mounted on their SoHo routers or NAS, among other things. Samba is a file sharing service for Linux, similar to Windows SMB file shares (yes...
http://www.securityforrealpeople.com/2017/05/samba-remote-code-execution-exploit.html
Ransomware is a common form of malware, designed to encrypt personal and business data, making it unusable unless the victim pays a "ransom" fee to the attacker to purchase the recovery key. It m...
http://www.securityforrealpeople.com/2017/05/hit-by-wannacry-it-may-also-be-hipaa.html
If you have SMBv1 in your enterprise, and haven't completed deploying MS17-010 (released in March), now would be a good time to expedite that. Multiple news outlets are reporting a widespread ou...
http://www.securityforrealpeople.com/2017/05/ransomware-now-comes-in-worm-flavor.html
Day 1 of Security B-Sides Austin is in the books. One talk in particular stuck with me: "Hack the SIEM" by John Griggs of Meta Studios, Inc. Your SIEM is an aggregation of lots of data about y...
http://www.securityforrealpeople.com/2017/05/hacking-siem.html
This weekend I had the dubious pleasure of reading a letter that begins with these two paragraphs. In March, the Internal Revenue Service removed a Data Retrieval Tool from its website, a t...
http://www.securityforrealpeople.com/2017/04/a-letter-from-irs.html
There have been rumblings in recent weeks (with varying degrees of credibility and/or paranoia) of several hundred million Apple accounts stolen by hackers, with a threat that the iPhones, iPads...
http://www.securityforrealpeople.com/2017/03/hackers-threaten-mass-icloud-carnage.html