infosec awareness & behaviour science.
Ex infosec journo @TheRegister @SCMagazine @ZDNet @ComputerWorld
Wurundjeri land, sovereignty never ceded.
Apple, Spotify, Samsung, Verizon have banned staff in various capacities from using AI like ChatGPT.
What about your company?
Full ban: 0%
Partial ban: 100%
No ban: 0%
Would love input: Onshore regular public wifi as a notable, say, top 10 security concern for small businesses or consumers is:
(boosts appreciated!)
Valid: 0%
Overblown: 66.7%
Rubbish: 33.3%
Other / see comments: 0%
My kids' school had this excellent graphic in the newsletter.
@rohan_p it said i need to install activex to view the best tips, brb
EAST's ATM fraud report is out for Europe 2022 and the new vibe is jamming dispensers:
Physical cash traps up 244% to 7k incidents clocking €200m in losses.
Physical attacks as a category were down a bit but explosives were up 16% with 727 incidents clocking $11m in losses.
The nerds must be too busy popping crypto and ransomwaring with ATM malware & jackpotting down to just 31 attacks that chalked up €136k in losses.
Card skimming continued with some €167m in losses. Full report only available to members.
Getting half a dozen of these 'Haruki' spam / phishing emails a day in Gmail with different but similar pretext.
Odd, because they look like classic spam and I ordinarily get zero spam.
Anyone recognise it?
Infosec parents: have you ever seen a baby monitor that satisfies your security & privacy concerns or have you set one up in a certain way that does satisfy?
Boosts appreciated!
(for story research, not my own kids. I used the baby monitor 3g app on an old device for audio, not visual)

The tech dystopian hellhounds in Services Aust seemingly obsessed with stomping on the vulnerable are using Cellebrite to pore through WhatsApp and other app chats in pursuit of overpayments. Thresholds for when Cellebrite is used aren't known.

https://www.itnews.com.au/news/password-crackers-and-metadata-used-to-check-centrelink-users-relationship-status-592649?

Password-crackers and metadata used to check Centrelink users' relationship status

When suspected of falsely claiming single payments.

iTnews
What five or six things would you recommend the average non-tech specialist, busy, cash-strapped small business do to improve its security? Rough order of importance.
Boosts appreciated!

Small businesses are fucked in Oz with respect to infosec. Scant time to learn. No money or avenue to pay it away. MSPs doing IT but quietly not security. Government offering another PDF guide. Vendors snake oiling AV and bullshit as a solution to wider security problems.

The way I see it, biz needs an option to pay the worst bits of the problem away.

Wouldn't it be grand if MSPs were compelled to disclose the security stuff they do and more specifically don't cover?

When broad expectations are at odds with reality (the tech people handle security, don't they?) it's hard to see it as anything but deception.

In the meantime, they're getting rinsed and help is disjointed, disparate, contradictory, and wholly inadequate.