|"Practical stories to be shared with others..."|
Scott Wright - The Streetwise Security Coach
Security Perspectives Inc.
Welcome to the Streetwise Security News
The Streetwise Security News is my monthly newsletter which highlights recent security stories in the news in an informal and non-technical manner. I provide my thoughts on what the important issues are. Each issue also has updates on my initiatives, keynotes and workshop events.
To sign up for the Streetwise Security News and receive a free copy of my Security Resources Guide, click HERE
Warm Regards,Scott WrightThe Streetwise Security Coach
- Streetwise Security Newsletter Issue #22 - June 2016 (6/30/2016)
- - Feature Story: This old email attachment icon signals a new danger
- Many LinkedIn users don't seem to be aware of risks from fake connection requests
- It just got more expensive to lose your personal information to identity theft
- A "Pseudo-Breach Story": A live recorded example of how attackers get into online accounts using social engineering
- Why is the Security Team trying to trick us? - The #1 Pitfall of Employee Phishing Assessments
- Terminology: Insider Threats
- Streetwise Security Newsletter Issue #20 - April 2016 (5/1/2016)
- - Feature Story: Sorry, we're turning your connected device into a brick now
- WhatsApp helps you prove you may not have done it
- Don't be too quick to pay extortion fees based on the threat of an attack
- 3 reasons why teaching somebody to drive a car is easier than training employees to work securely
- Data Breach Story: Law firms hacked for insider information
- Terminology: Brick
- Streetwise Security Newsletter Issue #19 - Mar 2016 (4/1/2016)
- - Feature Story: Three dumb routers are coming to a home network near you
- Data Breach Story: The security fairy isn't going to close your open vulnerabilities for you
- Data Breach Stats: 70-90 percent of malware attacks on businesses are unique to the organization
- IT Managers: Hospital ransomware attacks are just a stepping stone to your industry
- Terminology: Router
- Shared Security Podcast #52: Creepy New Social Network, Phishing Dangers, Ransomware
- Streetwise Security Newsletter Issue #18 - Feb 2016 (2/29/2016)
- - Feature Story: ...But our iOS passwords go to 'Eleven'
- Terminology: Online Behavioural Advertising
- Data Breach Story: Hospital pays $17,000 in ransom to recover patient data
- Streetwise Security Tip: Don't forget to back up your smartphone data
- IT Managers: Try using due diligence risk to justify security
- Remind yourself how smart thieves are
- Shared Security Podcast: Episode #51: An interview with the Privacy Commissioner's office
- Media news stories featuring comments From Scott
- Streetwise Security Newsletter Issue #17 (1/29/2016)
- - Feature Story: Malicious apps can inflate each others' ratings...
- Terminology: "Responsible Disclosure"
- From Scott's Blog: Putting all your eggs in one basket with a password manager
- Shared Security: Why it's important for a wireless home security system to "fail" properly - Streetwise Security Tip: Avoid participating in Facebook quizzes to stay off "sucker lists"
- A Cyber-Crime story: Is it Crime or is it Cyber-Crime? And can it be covered by insurance?
- Streetwise Security Newsletter Issue #16 (1/1/2016)
- - Feature Story: You may fear the tax man, but don't be fooled by this scary scam...
- Terminology: "Pharming attack"
- From Scott's Blog: How ID badges can hurt security and what can be done about it
- Shared Security: How your search queries on Google and other search engines could end up putting you on a SUCKER list
- Streetwise Security Tip: Use "Full Disk Encryption" on laptops and mobile devices
- Data breach story: When stolen banking data is used for extortion
- Streetwise Security Newsletter Issue #15 (12/1/2015)
- - Feature Story: This phone scam exploits your trust in storage sites like Google drive...
- Terminology - "Man-in-the-Middle attack"
- From Scott's Blog: Top 10 reasons NOT to do security awareness training
- Shared Security: Why fingerprints are not a good alternative for passwords
- Streetwise Security Tip - Disable the "tap-to-pay" feature on debit cards
- A Data breach story: Should the real perpetrator in the LA Times hack be prosecuted?
- Streetwise Security Newsletter Issue #14 (10/30/2015)
- - Feature Story: The life-or-death question to ask before your next MRI, or any computerized procedure...
- Terminology: "Attack Vector"
- From Scott's Blog: True story shows how scams on free classified sites will spoof PayPal for credibility
- Shared Security: Everyone you know will be able to rate you on the terrifying 'Yelp for people' - whether you want them to or not
- Streetwise Security Tip: Don't forget to turn off "Discoverable Mode" on your mobile devices after pairing them
- Data breach story: When Uber's driver database key was exposed, it's not surprising that predators appeared
- Streetwise Security Newsletter Issue #13 (9/30/2015)
- - Feature Story: This guy targeted the wrong company with an email attack...
- Terminology: "Security by Obscurity"
- From Scott's Blog: Baboons can demonstrate the same risk management skills as some managers
- Shared Security: Top 10 Implantable Wearables Soon To Be In Your Body
- Streetwise Security Tip: Use an automated, secure backup facility to protect your important documents against accidental loss
- Data breach story: "They Burned Down the House" - An interview with the Sony Pictures CEO
- Streetwise Security Newsletter Issue #12 (9/1/2015)
- - Feature Story: A fridge that gives up your Gmail password? That's just cold...
- Terminology: "Doxing"
- From Scott's Blog: ISAC is a community-based approach to addressing cyber risks in industry verticals
- Shared Security: Vizio SmartTV's Collect a Scary Amount of Information
- Streetwise Security Tip: To reduce privacy and social engineering risks, use a reputable, paid email service for important electronic correspondence
- A Data breach story: Ashley Madison's big can of worms...
- Streetwise Security Newsletter Issue #11 (8/1/2015)
- - Feature Story: Just when you thought it was safe to drive a new car...
- Terminology: FUD
- From Scott's Blog: Politically correct justifications for addressing insider employee security threats
- Social Media Security: Fake Notice From Facebook
- Streetwise Security Tip: Wait a while before upgrading to brand new versions of software
- A Data breach story: UCLA Health System data breach affects 4.5 million patients
- Streetwise Security Newsletter Issue #10 (6/30/2015)
- - Feature Story: Everything's amazing and nothing seems secure
- Terminology: Hash
- Social Media Security - Using Instagram securely
- Streetwise Security Tip: Take a moment to review that Friend Request or Invitation to Connect
- A Data breach story: Attackers harvest customer info on a malware infected eCommerce website.
- Streetwise Security Newsletter Issue #9 (6/1/2015)
- - Will your car unlock itself for a thief with a $17 gadget?
- Terminology: Backdoor
- High impact, low likelihood security incidents are hard to prevent, but you can still prepare
- Social Media Security: How social networks and easy information access are causing big problems for adopted children and their families
- Streetwise Security Tip - Use a good password manager program to easily manage many different, strong passwords for multiple websites
- A Data breach story: What happens when a single email account is hacked in a transactional email service company?... Very bad news happens.
- Streetwise Security Newsletter Issue #8 (4/30/2015)
- - Don't be silly. Your TV isn't spying on you - or is it?
- Terminology: Cyberphysical
- Why the Internet of Things needs your attention now
- Investigating your Digital Shadow with some cool tools
- Streetwise Security Tip - Securely dispose of old memory sticks, smartphones and other electronics
- A Data breach story: 25,000 patient healthcare records compromised by phishing attack on a hospital employee's email account
- Streetwise Security Newsletter Issue #7 (4/1/2015)
- - Your location has been shared HOW MANY times?
- Terminology: Oversharing
- Why not have 2-person over-ride in all commercial aircraft?
- Social Media Security: We call Emily's FitBit to the stand, your honor
- Streetwise Security Tip: For added privacy, use separate email addresses for web portal services like calendars, forums, etc.
- A Data Breach Story: NYPD Officer caught accessing personal info of private citizens... 6400 times
- Streetwise Security Newsletter Issue #6 (3/1/2015)
- - Only 31% of detected breaches were found by victim organizations. Who found the rest?
- Terminology: Geolocation
- How can you tell if your organization is set up to defeat attackers or your auditors?
- Who's tweeting and Instagramming nearby? You can find some of them with Echosec
- Streetwise Security Tip - Don't blindly accept all privileges requested by mobile apps (they often don't need all of them)
- A Data Breach Story: It's much easier to rob a bank when the bank robbers can sit and watch bank employees doing transactions with keyloggers
- Streetwise Security Newsletter Issue #5 (1/31/2015)
- - If you had a really bad password, wouldn't you tell Jimmy Kimmel?
- Terminology: Zero Day Vulnerabilities
- Three ways to make security awareness education more engaging and effective
- Social Media malware that tags your friends for faster propagation
- When choosing passwords, spell words incorrectly
- Breach story: Zappos
- Streetwise Security Newsletter Issue #4 (12/31/2014)
- - Why the Sony hack has so many lessons for all of us
- Terminology: Pretexting
- SnapCash, YikYak and social media security tips
- Some reasonable privacy predictions for 2015
- A hacking story - The Onion gets phished
- Streetwise Security Newsletter Issue #3 (11/29/2014)
- - Tech Support Scammers finally get shut down by FTC
- Twitter never forgets, what you thought was ancient history
- Social Media Security Podcast - Episode 38
- Cyber Security Challenge Question
- Security Tip: Privacy Settings
- A short whaling story
- Streetwise Security Newsletter Issue #2 (10/31/2014)
- - Attackers had control of about 90% of JP Morgan's banking servers
- Malvertising definition and risks
- Tip on when to be more aware of scams
- Why all the recent retail credit card breaches?
- Managing your digital footprint online
- Streetwise Security Newsletter Issue #1 (9/10/2014)
- The first issue of my "New Look" newsletter.
- Home Depot credit card breach (Link to CTV News interview with Scott Wright)
- Scott's speaking events in September/October 2014
- Making security education more fun
- Tip on making online purchases safer
- Tracking you through your cat photos
Security Perspectives Inc.
2720-104 Queensview Dr.
Ottawa, Ontario K2B 1A5