Log4j remediation is much more than just patching. Here are additional steps you may not have considered in your Log4j response: Do you know if you have Log4j, or any of the other libraries in which Log4j is embedded, in the apps you have developed internally? (You do have a way to track and manage … Continue reading Additional steps to remediate log4j
PWC’s timeline of the days leading up to the deployment of Conti ransomware on May 14. PwC, as reported by Brian Krebs, conducted a great post mortem analysis of the ransomware attack on Ireland's public health system. It highlights two persistent failures that I see consistently. For all the harping on log4j (the latest disaster … Continue reading No organization is immune
Ever since the Apple CSAM debacle earlier this year, I have been searching for alternatives to the “free” products provided by Apple. Apple’s push to implement the CSAM spyware in the face of very vocal opposition by privacy and security researchers (including myself) and civil libertarians around the world revealed to me that Apple’s promises … Continue reading Take Control: Email
Robocall-driven spam/scam calls are out of control. I know, what else is new, but I mean REALLY out of control. Until I developed the system I am about to show you, my phone would ring up to 10 times a day from scam/spam calls at all hours, even after I had implemented my carrier’s spam … Continue reading Take Control: Spam Calls
As I referenced in the Linkedin post below, spying should be assumed until proven otherwise for all Chinese-sourced digital products. China has a well-documented history of spying for the purpose of stealing intellectual property as well as gathering real-time intelligence, for both commercial and military purposes, and the groups behind both activities are often the … Continue reading China - Espionage or Sabotage?