-
Metaverse security is a thing because security is still a thing…
With all this talk about the metaverse and Web3.0, it’s easy (always too easy it seems) for security to become an afterthought, instead of a before-thought, or even a during-thought. So, please. Let’s discuss METAVERSE SECURITY. Even if you still have no idea what the metaverse is or what the “Web 3.0/Web3” is, you must understand that being online on the Internet exposes you much like you are exposed the very moment you leave your house. Once you leave the domain and sanctuary of one’s home, we are exposed and take measures to mitigate risks and privacy. We wear clothing to protect us, yes, and also to shield our most…
-
What is a password manager and why do you need one…
I was speaking to a contact who is studying the cybersecurity industry and does not use a password manager. Interestingly enough, it’s actually a debate I’ve seen crop up a few times in cybersecurity circles. A password manager is an application to help your store and manage all the various usernames, passwords, URLs, what have you…that all come as a byproduct of the digital terrain that we are increasing surround by. I used to think “But MY password is unique! It’s not “password” or any of the typically mocked but often used, much maligned, stereotypical passwords. Oh, no. Mine was different and unique. And there are people who do this…
-
What Is The Metaverse?
The term “metaverse” is a word that has been around for decades but has recently been thrust into the broader spotlight, and is thus having it’s moment of media spotlight glory. The term “metaverse” is rooted in sci-fi literature by general consensus of, well, almost everyone. However, the term blasted into mainstream consciousness this past year, especially over the summer with Facebook announcing the beginnings of its own metaverse push, and further digging in recently with a full rebranding to Meta, A Social Technology Company amid the current turmoil in regards The Wall Street Journal’s “Facebook Files” investigation of whistleblower Francis Haugen. Mark Zuckerberg did not invent the term “metaverse”.…
-
FAA Plans Warnings on 5G…What 5G Means for the FAA, FCC and Air-safety…
FAA Plans Warnings to Pilots, Airlines Over New 5G Rollout… Air-safety regulators tussle with telecom regulators over safety concerns ahead of expansion of new wireless technology planned in December. “At the heart of the dispute is the U.S. rollout of 5G. Short for fifth-generation wireless, 5G technology offers internet speeds 100 times faster than today’s 4G service, potentially paving the way for new applications, revenue and jobs.” “To offer 5G, telecom companies need more space on the airwaves. Wireless spectrum is like land, in that the number of available frequencies is finite. The FAA-FCC clash is just the latest in a series of dis- putes between U.S. govern- ment agencies…
-
Blockchain & Money: Session 18: , by M.I.T. Sloan School of Management with Professor Gary Gensler
Session 18: Overview: Session 18: Study Questions: What are the opportunities that the Intercontinental Exchange is trying to tap with its recent announcement of Bakkt? Is it more about payment solutions or exchange trading? What to Microsoft and Starbucks hope to gain for their business models? Who is Jeff Sprecher? Who is Kelly Loeffler? How did these two–once a power plant entrepreneur and equity research analyst–successfully found a leading trading company, take over the New York Stock Exchange and now challenge conventions with bitcoin and blockchain technology Session 18: Readings: ‘ICE Announces Bakkt, a Global Platform and Ecosystem for Digital Assets’, ICE. ‘The NYSE’s Owner Wants to Bring Bitcoin to…
-
Amazon’s “Sidewalk” Mesh Network Goes Live; All Devices Are Opted-In Automatically By Default
Amazon’s neighborhood mesh network dubbed “Sidewalk” has gone live. Via the New York Times: On June 8, Amazon is set to flip the switch on its new free service called Sidewalk, which will automatically be enabled on many of Amazon’s Echo smart speakers and smart displays, as well as some Ring devices (for more details, see the complete list of compatible devices). Once Sidewalk goes live, compatible devices such as speakers, light bulbs, locks, and sensors will be able to connect anonymously to other Sidewalk devices to borrow a little slice of internet connectivity. That should enable some interesting features down the line as more compatible devices appear. It’s also creating a fair amount of…
-
What Is a CSIRT vs. CERT vs. CIRT???
CSIRT—Computer Security Incident Response Team is a concrete organizational entity (i.e., one or more staff) that is assigned the responsibility for coordinating and supporting the response to a computer security event or incident. CERT—Computer Emergency Response (Readiness) Team CERT should not be generically used as an acronym because it’s a registered trademark in the United States Patent and Trademark Office, as well as other jurisdictions around the world. Alternative names fur such groups include computer emergency readiness team and computer security incident response team (CSIRT). The name “Computer Emergency Response Team” was fist used in 1988 at Carnegie Mellon University (CMU). CERT is registered as a trademark by Carnegie Mellon…
-
How Was Colonial Pipeline Hacked/Breached? Because of One Single Employee’s Compromised Password
That’s all it takes, and usually what it comes down to. Passwords. As the founding contemporary lyrical wordsmith members of Wu-Tang would say, “Protect ya neck!“. Because without it, you’ll lose your head. Same with passwords! Protect ya passwords!!! All a malicious actor would need is a password to an account, and just like that (*finger snap!*), you’ve invited them in, like welcoming Count Dracula through your front door for Sunday dinner. So, Colonial, right…here’s the latest. After an analysis of the cyberattack on Colonial Pipeline, investigators suspect that hackers obtained the password from the dark web (think a marketplace for illicit activity) where such info is available for the…
-
‘Welcome To The Edge!!!’–What Is Edge Computing???
[Note: This is an evolving, continuously updating post for my research purposes to learn more about SASE, or Secure Access Service Edge. First, I’m laying the groundwork for what ‘edge computing’ is.] Edge Computing The term ‘edge’ is all the rage these days. From a infrastructure-centric point of view, “Edge computing is at it’s essence cloud principles applied at the network edge close to the user“[3]. It can include: Virtualization (Compute virtualization, Storage virtualization, Networking virtualization) Resources On Demand API Driven Approach Automated LCM Life-Cycle management Use of Commodity hardware [3] These are some of the powerful core cloud basic principles that make the network edge highly flexible and programmable.…
-
What is a ‘NOC’? What is a ‘SOC’? The Battle of ‘NOCs’ vs. ‘SOCs’…
Noc’ing the Soc’s Off You!! First of all, I want to preface this by stating and asking, “Why aren’t NOCs and SOCs the same thing???” Just initially hearing what the acronyms stand for alone, and going based off of that, I would think we would want “Network” and “Security” intertwined and treated with a holistic approach. Similar to how security should be “baked in” to software. NOC–Network Operations Center A NOC is a Network Operations Center (NOC, pronounced like the work ‘knock’), which can also be referred to as a “network management center”. It can be one or more locations from which network monitoring and control (i.e. network management) is…