So one of the latest phishing scams comes from New York. Basically, an attacker sends out an email purportedly from the DMV, saying that you have a short time to pay off one or more tickets before they rescind your driver’s license.
From our friends at KnowBe4:
“Here is a reminder that you need to be alert for fake emails that look like they come from your local police or State Dept of Motor Vehicles (DMV) claiming you have a traffic violation. At the moment, there is a local scam in New York that falsely states you have outstanding violations you need to either pay for or refute, and if you don’t your license will be revoked. This scam may spread to the rest of America soon. Remember that citations are never emailed with links in them, or sent out with an email attachment, and report scams like this to your local police department.”
In short, I’ve never heard of a DMV in any jurisdiction that contacts customers by email. They only contact people via regular postal mail. Don’t fall for this, and don’t click on any links that claim to be a DMV-sent email.
Many people are aware of Colonel John Boyd’s OODA Loop: Observe, Orient, Decide, and Act. There are entire books written on the topic. But for summaries, I like the article on The Art of Manliness (relax, the site’s not only for men). Colonel Boyd’s analyses of combat even helped the military recognize the need for maneuverability over speed. This translates to civilian defense in concepts like “Get off the X,” or Mr. Miyagi’s statement: “Best to avoid punch, no be there.”
Well yesterday, I had the fortune to read a blog post by Dan McCormack, author of the Defender Ethos blog. Go ahead and read that article. It’ll probably be better than me merely summarizing it for you. Continue reading OODA vs. OADA Loops; Keys to Survival
I’m going to try to keep a series of posts going on about recent scams going around. I get these from a few sources, most notably KnowBe4 and SANS blogs.
Today, I’ll start with some news about ransomware being served up in a “benign” Microsoft Word file. Continue reading SCAM – A New Line of Posts
Okay, I’ve been meaning to write a post very much like this one for quite some time. But James Kirchick at the Daily Beast beat me to it. And I cannot do it better. Though, I do have some commentary. Continue reading The Paradox of the Pro/Anti Gun Arguments
So it appears the federal government, supposedly under the purview of the Obama administration, won’t seek to create a law to force back doors into encryption.
But that’s not the entire story. You still need to be cognizant of your communications, and here’s where it gets tricky. Continue reading No Government-Mandated Decryption
Okay – this one was supposed to be short, but I just couldn’t stop…
By now, you’ve heard of the disgusting act of people doing the #EricSheppardChallenge and stomping/standing/desecrating the United States Flag. Most people would say that it’s federally illegal.
However, Wikipedia states that it was a proposed constitutional amendment that failed most recently in 2006: Continue reading Stomping the Flag, Eric Sheppard and Shane Lawler
SANS, pretty much the leader in cybersecurity, posts a monthly newsletter called “OUCH!” This month’s topic is about passwords/passphrases with greater security, and Two-Factor Authentication (a.k.a. Two-Step Verification).
Check it out: http://www.securingthehuman.org/newsletters/ouch/issues/OUCH-201504_en.pdf
I hate bullshit. And I must state that my bullshit meter gets enough use that the warning alarms are ringing in my ears right now. It’s why I research any topic I come across to death. Basically, I can’t fathom how some people can really make up their opinions when they don’t truly know all the facts.
But some hoplophobes seem just hell-bent on providing misinformation and or outright lies. In this “PSA”, the anti-gun groups are trying to associate the guns they “sell” with the crimes, as if the guns themselves committed them. Continue reading A “Public Service Announcement” That’s More Public Disservice
Well, after a few weeks of having server and DNS issues, I’ve decided to completely move to a Dreamhost plan. They were offering a kick-ass deal with Lifehacker readers, so I took them up on the offer.
The new URL is officially http://ryancash.co, but the old url, http://ryancash.tk will still redirect here almost seamlessly.
Stay safe and sane!
If you own a Lenovo computer and never wiped it and re-installed an operating system on it yourself, you may want to perk up for this news.
It turns out that Lenovo was pre-installing a “Superfish” certificate that would effectively intercept all SSL/TLS-encrypted traffic – usually banks and any site with a payment component, and others.
Way to kick my teeth in, Lenovo. I’ve only been recommending you now for two years. Continue reading Really, Lenovo? A Pre-Installed MITM Attack?