Websense’s Operation SpearPhish

Today I received an email from Websense that asked “how good are you at caching a “phish”.   It was promoting their email security products and had a link to “take the Operation Spear Phish Challenge”. As I clicked on the link I realized that I had just failed. Fortunately, the link actually was for a “spot the …

Continue reading ‘Websense’s Operation SpearPhish’ »

File Attachments, Security Awareness and Sophos

“We’ve done a pretty good job about teaching people not to open executable attachments in their email”, claims Sophos’ Chet Wisniewski in a recent YouTube video educating users about the dangers of PDF files. I nearly fell out my chair.   I took that as a general statement about Information Security and users.   While it may be …

Continue reading ‘File Attachments, Security Awareness and Sophos’ »

Yet Another Aitel Security Awareness Response

Users will click yes to anything, just so they can do what they want.   So it is easy to socially engineer them into saying yes to any prompt, oblivious that they are allowing malicious code to run.  As a result, security awareness training starts to feel like the fun police.   “Don’t run with scissors!”   “Don’t …

Continue reading ‘Yet Another Aitel Security Awareness Response’ »

CyberSecurity Awareness Month

October is designated Nation CyberSecurity Awareness Month by the National CyberSecurity Alliance and the Department of Homeland Security.  This month, I will be focusing on awareness topics.   Non-security people aren’t aware of the risks inherent in their computer use .  Campaigns like this seek to adjust perceptions of risk and remove the “it couldn’t happen …

Continue reading ‘CyberSecurity Awareness Month’ »

Lifelock and Menard

Radio hosts reading commercials often try to sound live and ad libbed (a “live read”) when doing commercials.   Its one thing when discusing how great Snapple is, its another thing when discussing a technical topic.   I wonder if these live reads are approved by legal. Today I heard a radio show advertising lifelock which used …

Continue reading ‘Lifelock and Menard’ »