Dave’s LIfe – DavidJohnston.org

I’m back!

February 16, 2020 by Dave

My wife Grace just started a blog for a class she’s taking. Seeing her post each week, made me think about how much fun I had blogging years ago. I had a blog from 2004 to about 2013 with several names including dave.sonic.net, AngryVillagers.net, and FriendsofDave.org. I liked having a place to capture my thoughts. …

How to Help Spoil the Cybercrime Economy August 11, 2020
Cybercrime increasingly is turning into a commodity. Stolen PII data and hijacked cloud accounts especially propel the spread, research shows.
Gamifying Password Training Shows Security Benefits August 10, 2020
When picking passwords, users often fall back on certain insecure patterns, but good habits can be learned using simple games, a group of researchers find.
Better Business Bureau Warns of New Visa Scam August 10, 2020
Visa limitations due to the novel coronavirus have given rise to a wave of scams aimed at visa-seekers.
Q2 DDoS Attacks Triple Year Over Year: Report August 10, 2020
Distributed denial-of-service attacks have stayed consistently high throughout 2020, a shift from normal attack trends that researchers attribute to COVID-19.
Reddit Attack Defaces Dozens of Channels August 7, 2020
The attack has defaced the channels with images and content supporting Donald Trump.
Researcher Finds New Office Macro Attacks for MacOS August 7, 2020
Building successful macro attacks means getting past several layers of security, but a Black Hat speaker found a way through.
IoT Security During COVID-19: What We've Learned & Where We're Going August 7, 2020
Vigilance and ongoing training combined with an integrated security framework are key aspects of a successful strategy in the fight against the latest crop of pandemic opportunists.
Dark Reading Video News Desk Returns to Black Hat August 6, 2020
UPDATED: Coming to you prerecorded from in front of carefully arranged bookcases around the world ...!
Exploiting Google Cloud Platform With Ease August 6, 2020
Security engineer Dylan Ayrey and Cruise senior infrastructure security engineer Allison Donovan describe fundamental weaknesses in GCP identity management that enable privilege escalation and lateral movement.
Office 365's Vast Attack Surface & All the Ways You Don't Know You're Being Exploited Through It August 6, 2020
Mandiant incident response managers Josh Madeley and Doug Bienstock describe how thoroughly Microsoft 365 (formerly known as Office 365) extends into corporate networks, describe both sophisticated and simple attacks they've detected, and suggest mitigations as businesses rely more heavily on the cloud.