Search Results for: hack a car

Corporate Espionage: Hacking A Company Through A Chinese Restaurant Takeout Menu

Corporate espionage (industrial espionage) is a favorite topic of mine. I have written and presented on the subject quite a bit and, while I am never sure how my readers react when I write about this, I do carefully watch the look on my audience members’ faces when I first mention the issue. The story…

Read More

Tuma quoted in Computerworld article: “A year after Swartz suicide, reform of anti-hacking law remains elusive”

I am honored to have been quoted in today’s Computerworld article about Aaron Swartz and reforming the Computer Fraud and Abuse Act titled A year after Swartz suicide, reform of anti-hacking law remains elusive: Calls for changing the Computer Fraud and Abuse Act have made little headway. The article also quotes Hanni Fakhoury of the Electronic Frontier…

Read More

You should know this > “What do connected cars and toilets have in common?”

What do connected cars and toilets have in common? That is the title to a recent Blog Post about an upcoming presentation at VMWorld 2013, Barcelona and, when I read it, I just had to quiz my readers to see who remembered … Come on now, you do know the answer to this question, right? I…

Read More

The White House Cybersecurity Plan – the Devil is in the Details

“The devil is in the details” — that about sums up my take on the White House Cybersecurity Plan. Many thanks to Lily Newman for including this and some other points from our discussion in her Wired article The High-Stakes Blame Game in the White House Cybersecurity Plan. I appreciate that the Administration is talking…

Read More

OCR Guidance on HIPAA Security Rule Security Incident Procedures for National Cybersecurity Awareness Month

On October 25, 2022, the U.S. Department of Health and Human Services Office of Civil Rights in its October 2022 OCR Cybersecurity Newsletter provided guidance titled HIPAA Security Rule Security Incident Procedures. This guidance is not only a must-read for all healthcare “covered entities,” especially small and midsize organizations, but it is excellent advice for…

Read More

Feds Will Not Charge Good Faith Security Research Under the CFAA

On May 19, 2022, the U.S. Department of Justice directed prosecutors to not charge security researchers who report cybersecurity vulnerabilities in “good faith” with violations of the federal Computer Fraud and Abuse Act (CFAA). The DOJ’s press release titled Department of Justice Announces New Policy for Charging Cases under the Computer Fraud and Abuse Act…

Read More

The Art of Cybersecurity: How Sun Tzu Masterminded the FireEye / US Agencies / SolarWinds Cyberattacks

Sun Tzu taught that, when it comes to the art of cybersecurity, you must be wary of your business partners and other third parties. Why? Unless you are living under a rock, you should have heard that FireEye–perhaps the preeminent cybersecurity firm on the face of the planet–was the victim of a successful cyberattack. So…

Read More

***URGENT*** MEMO TO: “The IT Guy” RE: Securing RDP Access–Changing the RDP Port Does Not Work!

***URGENT MEMORANDUM*** TO:   “The IT Guy” FROM:   Your clients’ Incident Response Coach SUBJECT:   Securing RDP Access–Changing the RDP Port Does Not Work! This Memo comes out of necessity, please take it seriously. I have now lost track of how many times over the past couple of months I have been on “scoping calls” with a…

Read More
%d bloggers like this: