Sunday, October 18, 2020

Copy-Paste Grows Up

We all know how valuable the copy-paste capability is. Even the iPhone added copy-paste in iOS 4.

On Windows, select an object, press CTRL+C, navigate to a new location, press CTRL+V and there it is!

Oh, you need to paste something you copied earlier? Tough. Go back and find it again (if it still exists), and CTRL+C it again.

Until now.

Recent updates to Windows 10 have added a built-in clipboard history.

Go to Windows 10's Settings > System > Clipboard to enable clipboard history.

Then when you want to paste next time, press Windows Key+V.

Here's what you'll see.

Enjoy!


Sunday, October 11, 2020

WFH Risks

This pandemic has popularized a new acronym - WFH - Work From Home.

That scares me. I worry that WFH security is not what it should be.

IBM published a Work From Home Study. Here are their Key Points:

  1. 93% of those newly working from home are confident in their company’s ability to keep personal identifiable information (PII) secure while working remotely, yet 52% are using their personal laptops for work – often with no new tools to secure it, and 45% haven’t received any new training.
  2. More than half have yet to be given any new security policies on how to securely work from home, leaving 47% concerned about impending cybersecurity risks
  3. 53% of employees are using their personal laptops and computers for business operations while WFH, however 61% also say their employer hasn't provided tools to properly secure those devices.
  4. More than half have not been provided with new guidelines on how to handle PII while working from home, despite more than 42% newly being required to do so as consumers lean on customer service representatives for a variety of services. 
  5. 66% have not been provided with new password management guidelines, which could be why 35% are still reusing passwords for business accounts.

Wow!

WFH scares me to death. What does this look like in another year?

Sunday, October 04, 2020

Total Cost of Ransomware

So you think that the ransom payment is the biggest cost of a ransomware attack?

Not even close.

A recent article by Decrypt covers the costs of ransomware.

Cybersecurity company Emsisoft estimated that total ransom payments that were demanded in 2019 was $25 billion.

That's bad enough. But Emsisoft estimated that the total cost was as much as seven times this, as much as $170 billion.

Most of the difference results from downtime and from dealing with the attack.

Coveware reports that it takes victims of a ransomware attack 16 days to restore their network. Think about your network being down 16 days.

Gartner suggests that the average cost per minute is $5,600. Tick-tock.

That's why 1 out of 3 companies just pay the ransom.

Don't be in that group.

Worry. React. Invest.


Sunday, September 27, 2020

Windows Tools

From time to time, I run across Windows tools. I'm NOT recommending any of these but just giving you a place to start looking.

O&O AppBuster

O&O AppBuster shows you which of these Microsoft-supplied apps with Windows 10 are installed on your computer and which you can install on request - even hidden apps are displayed here.

Remote Utilities

You can view screens remotely, send keystrokes, control the mouse pointer, transfer files and do any other operation just as if you were physically sitting in front of the remote PC.

Win10 All Settings

The main aim of the application is to help users customize Windows 10 in all circumstances with alternative configuration interfaces, and it can also perform some hidden settings.

Winaero Tweaker

Winaero Tweaker is a freeware app created by Sergey Tkachenko. It is an all-in-one application that comes with dozens of options for fine-grained tuning of various Windows settings and features.

It also includes most options which were available in free standalone apps at Winaero.com and extends them as much as possible.

 I will continue to maintain this list. Leave me a comment if you have suggestions.

Sunday, September 20, 2020

Social Engineering Risk

Recently I posted about Accenture Strategy's assessment on "Securing the Digital Economy."

My closing advice was:

Worry. React. Invest.

This week I want to share a real world example of the risk.

Waterloo Brewing Ltd. is a brewery in Kitchener, Canada. Their 2019 annual revenue was just under $50M.

Then in November 2019 they got hit with a social engineering attack.

The Ontario brewery says the incident occurred in early November and involved the impersonation of a creditor employee and fraudulent wire transfer requests.

They lost $2.1M! That's more than 1/2 their quarterly EBITDA.

How would that look on your balance sheet?