Maliciously Tampering with Medical Imagery

Posted on April 13th, 2019 by Responsible Cyber

In what I am sure is only a first in many similar demonstrations, researchers are able to add or remove cancer signs from CT scans. The results easily fool radiologists. I don’t think the medical device industry has thought at all about data integrity and authentication issues. In a world where sensor data of all […]

Read More

These two books explain how to fix our broken security industry

Posted on April 4th, 2019 by Responsible Cyber

The first step in fixing a problem is admitting you have one. The computer security industry has long been broken and needs some serious fixes. The world spends many billions of dollars fighting cybersecurity threats, more and more each year, and threats, risks and exploits are just getting worse. We have even accepted that computer […]

Read More

Commando VM — Turn Your Windows Computer Into A Hacking Machine

Posted on March 30th, 2019 by Responsible Cyber

FireEye today released Commando VM, which according to the company, is a “first of its kind Windows-based security distribution for penetration testing and red teaming.”When it comes to the best-operating systems for hackers, Kali Linux is always the first choice for penetration testers and ethical hackers.However, Kali is a Linux-based distribution, and using Linux without […]

Read More

Vulnerability management woes continue, but there is hope

Posted on March 28th, 2019 by Responsible Cyber

I remember giving a presentation when I first started working in cybersecurity in 2003 (note: It was called information security back then). I talked about the importance of good security hygiene, focusing on deploying secure system configurations, managing access controls, and performing regular vulnerability scans.  When it came to the Q&A portion of my presentation, […]

Read More

Android Q — Google Adds New Mobile Security and Privacy Features

Posted on March 24th, 2019 by Responsible Cyber

Google has recently released the first beta version of Android Q, the next upcoming version of Google’s popular mobile operating system, with a lot of new privacy improvements and other security enhancements.Android Q, where Q has not yet been named, offers more control over installed apps, their access, and permissions, and location settings; more support […]

Read More

I Was Cited in a Court Decision

Posted on March 24th, 2019 by Responsible Cyber

An article I co-wrote — my first law journal article — was cited by the Massachusetts Supreme Judicial Court — the state supreme court — in a case on compelled decryption. Here’s the first, in footnote 1: We understand the word “password” to be synonymous with other terms that cell phone users may be familiar […]

Read More

First Look Media Shutting Down Access to Snowden NSA Archives

Posted on March 24th, 2019 by Responsible Cyber

The Daily Beast is reporting that First Look Media — home of The Intercept and Glenn Greenwald — is shutting down access to the Snowden archives. The Intercept was the home for Greenwald’s subset of Snowden’s NSA documents since 2014, after he parted ways with the Guardian the year before. I don’t know the details […]

Read More

Google Launches Backstory — A New Cyber Security Tool for Businesses

Posted on March 14th, 2019 by Responsible Cyber

Google’s one-year-old cybersecurity venture Chronicle today announced its first commercial product, called Backstory, a cloud-based enterprise-level threat analytics platform that has been designed to help companies quickly investigate incidents, pinpoint vulnerabilities and hunt for potential threats.Network infrastructures at most enterprises regularly generate enormous amounts of network data and logs on a daily basis that can […]

Read More

Top 5 solutions to reduce ‘cyber friction’

Posted on March 12th, 2019 by Responsible Cyber

I recently helped my son build his first pine wood derby car. He took second place out of a field of ~60 cars. The secret of taking a block of wood, four nails and cheap plastic wheels is reducing all forms of friction that the car can face and moving the balance to the right […]

Read More

Nvidia patches eight security flaws in graphics products

Posted on March 1st, 2019 by Responsible Cyber

by John E Dunn Chip maker Nvidia has released its first security update for 2019 (ID 4772), fixing eight CVE flaws in its Windows and Linux graphics display drivers. Users are advised to patch as soon as possible. The company scores the flaws using the Common Vulnerability Scoring System (CVSS) v3, which shows five with […]

Read More