Mike Foster's IT Security & Best Practices Blog

Latest Posts

Portable Radios Can Replace Family Phones

This is the time of the year when youngsters remind parents that all of their friends have phones, the latest model is out, and everyone is getting one! Some parents ask if there is an alternative. Yes. Continue reading ‘Portable Radios Can Replace Family Phones’


Wireless Security is Broken & What You Need to Do

Many organizations rely on a wireless password to protect their Wi-Fi networks. Behind the scenes, that password is used as part of a security protocol called WPA2. An attack, dubbed KRACK, has been announced that breaks that security. Continue reading ‘Wireless Security is Broken & What You Need to Do’


5 Steps to Take Now Even if You do not use Kasperski Anti-Virus

According to the Wall Street Journal, followed by the Washington Post, Russian hackers used Kaspersky anti-virus to steal NSA cyber defense information off of an employee’s home computer.

Even if you do not use Kaspersky, you still need to take 5 important steps. Continue reading ‘5 Steps to Take Now Even if You do not use Kasperski Anti-Virus’


Please Alert Your IT Pros – Increase Your Security Log File Capacity

Windows computers can keep a log of security events, such as failed logon attempts. It is helpful to know if attackers are trying to gain access to your network. When the log fills up, it overwrites itself with the oldest events first. By default, the log files are very small, and that makes it much easier for attackers to cover their tracks. Continue reading ‘Please Alert Your IT Pros – Increase Your Security Log File Capacity’


Do the Basics. Do not Believe that Threat Protection Software Will Save You.

This week, someone told me about a group of CEOs who came to the conclusion that their IT security was handled since they installed an artificial intelligence (AI) based threat protection tool. They didn’t know it, but they were wrong.  Continue reading ‘Do the Basics. Do not Believe that Threat Protection Software Will Save You.’


New iPhone and iPad iOS 11 Can Quietly Override Your Attempt to Be Secure

The new Apple iOS 11 has a feature that appears to permit you to turn Wi-Fi on and off from the easy to reach Control Center. However, some people in the security community are concerned since the setting does no such thing. Continue reading ‘New iPhone and iPad iOS 11 Can Quietly Override Your Attempt to Be Secure’


Your Software, such as CCleaner, May Have Backdoors

Can you trust programs you download? Millions of users, including outsourced computer firms, use a program called CCleaner on their own and on customers’ computers. CCleaner just announced that some of its software was compromised and has been stealing data from users’ computers. Continue reading ‘Your Software, such as CCleaner, May Have Backdoors’


Credit Monitoring is Not Enough – You Must Place Credit Freezes to Protect Yourself

Regarding the Equifax breach, the breach affects about half of America’s population, so take action. Experts agree that one of the best things you can do to protect yourself is to place a credit freeze on your credit reports. Continue reading ‘Credit Monitoring is Not Enough – You Must Place Credit Freezes to Protect Yourself’


What You Need to Do to Protect Yourself after the Equifax Breach

You may be one of the 143 million people affected by the Equifax hacking breach that was announced yesterday.

Data stolen may include contact information, dates of birth, driver’s license information, and Social Security numbers. Attackers can make money selling the information to people who could steal your identity and take out loans in your name.

Place a credit freeze on your credit report. To do so, contact all four: Experian, Innovis, Trans Union, and, you guessed it, Equifax. In total, you’ll spend less than $75 to place the freeze.

A credit freeze stops people for gaining access to your credit report. It is difficult for an imposter to borrow money if a lender cannot check a credit report first.

Remember, credit monitoring, though good, sometimes only catches bad things when it is too late.

A security freeze is more effective, and lasts longer, than a fraud alert.

Additionally, watch out for anything odd or abnormal on your bank statements. Download your credit reports every quarter to see what is on them. One way to see your credit reports is to use a service such as annualcreditreport dot com

The FTC gives suggestions about avoiding and handling identity theft at consumer.ftc dot gov/features/feature-0014-identity-theft

Equifax has set up a website equifaxsecurity2017 dot com for people to see if their information was part of the breach. However, many people have been experiencing problems with that website.

Executives – FYI: Reports say that the attack did not result from social engineering. In other words, nobody clicked a bad link in an email. The attackers got in because an Equifax website was insecure. Have you had someone check the security of your website lately? If your site simply displays static information, you are at a much lower risk than if your site has a place for someone to login and/or look up information via your site.

Reports say that the breach may have happened as early as May, and Equifax discovered the breach on July 29. The time between when attackers compromise a system, and when it is discovered, is called dwell time. The best thing to do is to stop hackers from getting in to begin with. Keep security a top priority at your organization! The attackers are counting on you to overlook important steps.

Please forward this to anyone you care about…


Make Life Easier – Go Back to Easy Passwords

NIST, the National Institute of Standards and Technology in the US, is releasing new password standards that make passwords so much easier… Continue reading ‘Make Life Easier – Go Back to Easy Passwords’