OS X logo

You’ve heard it more than once, I’m sure: “I cannot get infected because I have a Mac.”

Well, not only is it not true, but my experience has been that while Mac viruses and other malware are far fewer in number, they are often as bad or worse than the garden variety you encounter on Windows. The reason? There are far fewer of them. Malwarebytes tackles this in a recent article.

One tall tale is Macs are impervious to malware, so you needn’t worry about cybersecurity solutions. Antivirus and anti-malware protection is for the PCs. We’re here to bust that myth.

Source: Anti-malware for Mac | Malwarebytes Labs

LinkedIn logo

The story that LinkedIn was hacked broke yesterday, but how does it affect you?

Yesterday, Motherboard broke the story that LinkedIn was hacked. However, it turns out that it was actually four years ago, so why is it news today? More to the point, should you run out and change your password? Turns out, maybe, maybe not.

Continue reading “LinkedIn Was Hacked, Should You Change Your Password?”

spy silhouette

Technically, I would definitely call this “spyware” rather than the run-of-the-mill adware if the adware uploads screenshots!

A new adware has been discovered that performs a severe privacy breach by uploading a screenshot of the user’s active windows to a server under their control. This means that any info on the screen, whether it is a tax return, password manager, or corporate secrets is now available the adware company.

Source: Adware uploads Screenshot of your Active Windows without your Permission

[Re-blogged from The Guardian]

The law requires a balance between flexibility and tyranny, and was never intended to allow the government to dictate software design

All Writs Act: Congress wanted to give the government enough power to govern effectively, but also to set up limits so that the new government didn’t become a tyranny. Photograph: Nicholas Kamm/AFP/Getty Images

Apple’s celebrated fight with the FBI over the security of its encrypted iPhones has shone the spotlight on an old and obscure federal law from 1789 known as the All Writs Act (AWA).

The AWA is a short little statute, giving federal courts the power to “issue all writs necessary or appropriate in aid of their respective jurisdictions and agreeable to the usages and principles of law.”

The FBI argues that the AWA empowers a court to order Apple to create custom software to circumvent the security on an iPhone possessed by one of the San Bernadino shooting suspects.

Passed by the First Congress in 1789, this little law is a piece of Swiss Army knife legislation that the FBI is trying to turn into a giant sword, out of all proportion to what it is supposed to do. But if we want to make sense of the current security and privacy controversy pitting the FBI against the tech giant, it helps to understand what the AWA is and what its limits are.

Read more at The Guardian.

Spammers and hackers can cause all sorts of problems, so here is how to block visitors by their referrer using Apache.


The other day, I was investigating some 500 errors on a WordPress site. Even if you are not a webmaster, you might realize that 500 errors are never a good thing. Upon closer inspection, I noticed that the errors were coming from different IP addresses, but they shared one of two common referrers.
Continue reading “How To Block Web Traffic by Referrer in Apache”


I keep waiting for the day when Adobe Flash is a thing of the past. Unfortunately, there are a lot, and I mean a lot, of older sites out there that use it. So, if you find yourself having to use it, at least add a layer of protection where it will prompt you as to whether or not it will run.

Old Goat Guide recently posted “Using Adobe Flash Player Responsibly” that gives instructions on how to set Internet Explorer so that you have to click to run Flash. Thankfully, Firefox now has this setting as the default, although it is called “Ask to activate”. If you are running Chrome, I suggest using the built-in PepperFlash (also available for Chromium, usually as a separate download), as I have found it more stable and less of a target for hackers.

LastPass gets breached, but I’m not all that concerned.

LastPass logo
LastPass logo

The web is abuzz today about the reported breach at LastPass, and there is way too much FUD being spread. I’m not concerned. There are multiple reasons to not be, but that does not mean I won’t go and change my password. I just won’t be running around with my hair on fire predicting doom and gloom. Continue reading “LastPass Breach Shows 2-Factor Authentication Is Important”

Tightening up on #WebsiteSecurity should be the next priority for your #WordPress site.

If your WordPress site has been up more than 2 hours, you’ve probably already collected a bunch of spam attempts.  There are several tools out there to help you out with spammers and hackers, but few do better in protecting against the former category, IMO, than Anti-Spam by CleanTalk.  Straight up, it is not free, but they have a short demo period that will likely impress you.  On top of that, it is only $8.00 per year. Continue reading “Tighten Security to Finish WordPress Site Migration”