As most of you know, my MetaMask crypto wallet was hacked on Sunday morning and drained of $400 worth of ETH. In the chronicle, which you can read here, I logged how quickly dozens of bots responded to my social media pleas for help. The content (from obvious bots or hackers with good social listening tools) generally pointed me to Instagram accounts or linked me to people who could "help me" get my crypto back. This was all obvious nonsense. Continue Reading →
Google has started forced enrollment in its two-factor authentication program (2FA). Google actually calls it "two-step verification" (2SV). I don't know why. 2SV requires users to input the correct password plus one other form of identification, which can be a code that appears on your smartphone, a USB stick or other physical security key, or an associated code you find in Google's Authenticator app and enter in a timely manner. Continue Reading →
Meta announced that Facebook will end its face recognition feature. You know when you upload a picture and the app saves you time because it knows how to tag everyone? Facebook is going to turn that stuff off, but… it's not deleting any data and it's not going to stop using its tools internally. Continue Reading →

The Halloween Hackers

A ransomware gang has targeted Ferrara Candy, the confectionary responsible for producing 85 percent of the nation’s supply of candy corn (approximately seven billion pieces per year). Continue Reading →
Today is a great day to have a chat with your team and go over your business resiliency and business continuity plan. If you get hit with a ransomware attack this afternoon, what happens? Who gets notified and in what order? Who initiates the restore protocols? How many hours, days, weeks of backups are available? Which servers go back online first and in what order? Continue Reading →