5 million Google accounts in the wild: data dump, not a hack
Sep10

5 million Google accounts in the wild: data dump, not a hack

There are only two things you need to know about the gmail mess from Wednesday: It was not a hack of 5 million gmail accounts. Use Google to check the integrity of your account, not a third party site like isLeaked.com. And then go set up two-step authentication on your email. 1. Not a hack When an account has been hacked, it has been compromised. Someone other than the owner has the digital keys to the account and has (usually) done...

Read More
Heartbleed bug: what to do, who’s affected, who’s done what?
Apr09

Heartbleed bug: what to do, who’s affected, who’s done what?

UPDATED: By now, you should have heard about the Heartbleed bug that decimated encryption for web servers that were using a version of OpenSSL dated December 31, 2011 or later. The latest news on this ongoing story is on my Storify. What to do? Change your passwords on accounts where you would be upset if someone were to steal into a digital trove of personal information — like credit card numbers, for example. Generally...

Read More
Evernote Security Breach Announcement Includes One (Big) Stumble
Mar03

Evernote Security Breach Announcement Includes One (Big) Stumble

You’ve heard by now that Evernote had a major security breach and is forcing its customers to reset passwords… 50 million accounts. What you may not have realized is that Evernote’s email announcing the problem – a much more transparent and prompt response to the issue than most of the tech giants who preceded them down this path – included what looked like a spoofed link to a password-reset page. I...

Read More
Beefing Up Facebook Security: How To Set Up Two-Step Verification
Feb02

Beefing Up Facebook Security: How To Set Up Two-Step Verification

One way to make it harder for bad guys to access your online accounts is to require more than a username and password to access an account. Google uses a two-step verification process tied to account credentials and your mobile phone. So does Facebook. And as Alex Howard points out, security has always been important but events are conspiring to suggest just how important. Learn how to set up two-step verification on your Facebook...

Read More
Attn: WordPress Installs On MediaTemple
Sep11

Attn: WordPress Installs On MediaTemple

Looking For A New Host The WordPress installation at motogrrl.com/blog was infected with malware from http://oeooea.com on Friday. The Media Temple support page (WordPress redirect exploit) has not been updated to reflect this new vector, even though Sucuri.net posted an alert on 3 September 2010 and another Media Temple customer used Twitter to alert the public to the problem on 31 August 2010. According to Sucuri.net, the full path...

Read More