ICSA Labs Blog: privacy

Smart door locks, fitness bands, home security cameras, oh my! 5 tips for consumers to protect themselves

Because of technology and the Internet of Things (IoT), our lives are different today than they once were and better, as a result, in so many ways.  We live in an age where one no longer needs a key to enter his/her home. Effortlessly, we can recount to our friends how many miles we have walked and calories we have burned. And we no longer have to be present to turn the lights on or off at home.

Personal Information at Stake in Enterprise Mobile Apps

There have been several reports this year indicating that many popular, free apps and a surprising number of the most popular paid apps – either Android or iOS – are not good at safeguarding sensitive information.  From contacts to calendars, an amazingly high percentage of app developers don’t seem concerned with protecting your sensitive information. 

Even so, there are apps that accidentally, spectacularly, and unexpectedly transmit your sensitive information. Take Tumblr (now part of Yahoo!) for example.

Facebook exposes some emails and phone numbers – Big Deal!

Hi folks,

Over the weekend, FaceBook disclosed that a bug in their code had accidentally leaked some six million email addresses and phone numbers over the course of about a year. While the majority of the comments on FaceBook’s Mea Culpa page indicate outrage and worry, in my opinion, no one should be in the least bit surprised.

By this, I’m not implying that FaceBook is unprofessional in how it codes its website, or that it is unconcerned about its users’ privacy. It’s simply a tough job, and humans make mistakes.

Mobile App Insecurity

Not that long ago enterprise users did all of their computing work with PCs. Then, the small set of applications utilized each day was largely developed by a few, well-known vendors. Today’s mobile world is much different; there is a much larger set of less recognizable software developers who create mobile apps for enterprises.  

Cloud Security: Not all Clouds are Created Equal

This was my initial response to a question posed by the panel moderator, Brad Gow at the NetDiligence Cyber Risk and Privacy Forum a few weeks back.  Our panel was focused on emerging technologies, and was comprised of myself, Tom Kellerman (Trend Micro), Mike Viscuso (Carbon Black), Brad Gow (Endurance Insurance), and Mark Teolis (

When Ages and Revolutions Converge

As this is my first post on ICSA Labs’ blog, I thought I’d take a little bit of time to explain how I currently see the malware world. For those who don’t know me, I’ve been dealing with viruses and assorted malware since 1987, which is about when the first viruses appeared.