Entries by Alan Zeichick

No more mansplaining: Commandments for clergy – and all lay leaders

“Thou shalt not refer winkingly to my taking off my robe after worship as disrobing.” A powerful essay by Pastor Melissa Florer-Bixler, “10 commandments for male clergy,” highlights the challenges that female clergy endure in a patriarchal tradition — and one in which they are still seen as interlopers to church/synagogue power. And in this era […]

Malware damages Android phones. Are IoT devices next?

Software can affect the performance of hardware. Under the right (or wrong) circumstances, malware can cause the hardware to become physically damaged – as the cyberattack on Iran’s centrifuges proved in 2010, and which an errant coin-mining malware is demonstrating right now. Will intentional or unintentional damage to IoT devices be next? Back in late […]

Get ready for Man-in-the-Middle (MITM) cyberattacks

Man-in-the-Middle (MITM or MitM) attacks are about to become famous. Famous, in the way that ransomware, Petya, Distributed Denial of Service (DDoS), and credit-card skimmers have become well-known. MITM attacks go back thousands of years. A merchant writes a parchment offering to buy spices, and hands it to a courier to deliver to his supplier […]

Updating the Scrum agile process for 2017

Agility – the ability to deliver projects quickly. That applies to new projects, as well as updates to existing projects. The agile software movement began when many smart people became frustrated with the classic model of development, where first the organization went through a complex process to develop requirements (which took months or years), and […]

The FBI and Secret Service view of cyber criminals

Law enforcement officials play a vital role tracking down and neutralizing cyber criminals. Theirs is a complex, often thankless, mission. Here are some insights shared by two current, and one former, high-level officials from U.S. law enforcement, who spoke at the NetEvents Global Press & Analyst Summit, in San Jose, Calif., in late September. Based in […]

Why you need Security & Systems Operations – SysSecOps

SysSecOps is a new phrase, still unseen by many IT and security administrators – however it’s being discussed within the market, by analysts, and at technical conferences. SysSecOps, or Systems & Security Operations, describes the practice of combining security groups and IT operations groups to be able to make sure the health of enterprise technology […]

Don’t click on “must validate account” email scams!

This fake message from “Netflix” almost got me, and as you know I’m quite skeptical about these things. Unlike most scams, it’s neatly formatted and well-written. And because my family has a Netflix account, it didn’t seem completely unreasonable. What gave it away? First, vendors don’t send out emails demanding to “validate” information or your […]

Four tactics to prevent and manage ransomware

Ransomware is genuine, and is threatening individuals, services, schools, medical facilities, governments – and there’s no indication that ransomware is stopping. In fact, it’s probably increasing. Why? Let’s be honest: Ransomware is probably the single most efficient attack that hackers have ever created. Anybody can develop ransomware utilizing easily available tools; any cash received is […]

How AI is changing the role of cybersecurity – and of cybersecurity experts

In The Terminator, the Skynet artificial intelligence was turned on to track down the hacking of a military computer network. Turns out the hacker was Skynet itself. Is there a lesson there? Could AI turn against us, especially as it relates to the security domain? That was one of the points I made while moderating a discussion […]

Too long: The delays between cyberattacks and their discovery and disclosure

Critical information about 46 million Malaysians was leaked online onto the Dark Web. The stolen data included mobile phone numbers from telcos and mobile virtual network operators (MVNOs), prepaid phone numbers, customer details including physical addresses – and even the unique IMEI and IMSI registration numbers associated with SIM cards. Isolated instance from one rogue carrier? No. […]

Taking a KRACK at an Internet of Things vulnerability

It’s always nice when a friend is quoted in an article. In this case, it’s one of my dearest and closest, John Romkey, founder of FTP Software. The story is, “The Internet Of Things Just Got Even More Unsafe To Use,” by Harold Stark, and published on Forbes.com. The story talks about a serious vulnerability in […]