TAPROOT SECURITY®
Cybersecurity Consulting

Hackers don’t exploit our computers; they exploit our ignorance. Most of us lack even a basic idea of how our digital gadgets work. ...

A massive worldwide ransomware outbreak is happening because a secret US government program called VEP failed.

One of the most critical parts of the Internet is managed by one small company. To browse a web site, you have to obtain the Internet...

Business lingo is suboptimal. The word “suboptimal” is a good example. It entered corporate biz-speak in the 1980s as a euphemism for...

As you probably know, a trove of documents about classified CIA hacking tools code-named “Vault 7” was recently published by WikiLeaks....

The information security profession has long mined biology for metaphors to describe cyber threats. For example, we call certain forms...

If you were born before 2011, there’s a good chance I can guess your social security number (SSN). June 25, 2011 was when the Social...

The day of reckoning is here. President Obama vowed to strike back against Russia after the DNC hacks. The attack window was set between Election Day and Inauguration Day. And since Trump won, Obama cannot defer it to the next administration. Any counter-strike must happen now or never. Assuming a CIA covert operation (as NBC reported ) it may have already begun. Yesterday CIA officials briefed Congressional leaders on the DNC breach, offering credible evidence it was

When the US Cyber Command (CYBERCOM) was founded in 2009 to establish our nation’s cyber fighting force, it was grafted onto the National...

Last week the White House announced the appointment of Gregory Touhill as the nation’s first Federal Chief Information Security Officer (CISO). Touhill is a retired Air Force general currently serving as acting director of the National Cyber and Communications Integration Center ( NCCIC ). When I toured the NCCIC operations floor, I wasn’t impressed by the walls of monitors or flashing red lights. What impressed me was the people. They seemed to work as a real team in an

YELLOW ALERT! SOMETHING BAD MAY OR MAY NOT HAPPEN! TAKE NO ACTION!! Such yellow alerts haven’t worked effectively since the Star Trek...

Malware is like pornography; it’s hard to define, but we know it when we see it. At least we think we do. The Pokemon Go craze provides...

After my previous blog post about Amazon Web Services, a few people nervously asked me about cloud security. Can we really trust our...

Few noticed as Amazon began to morph from the world’s largest bookstore to the world’s largest cloud computing company. Now, ten years...

Since 2014 the nonprofit Internet Security Research Group has led a laudable effort called "Let's Encrypt" with support from Cisco, EFF,...

Conspiracy theories sprout like mushrooms in the fertilized hothouse known as Twitter. Today, in the wake of news reports that Russian hackers stole Trump opposition research from the Democratic National Committee, Twitter is abuzz with speculation that Russia carried out the operation on behalf of Donald Trump. After all, why else would Russia want those files? After all, aren’t Putin and Trump BFFs? By #twitterlogic it must be true. DNC called in CrowdStrike to investi

The National Institute of Standards and Technology (NIST) is the US government agency that sets technical standards for everything from...

Many think the Apple versus FBI saga ended when a third party offered to crack Syed Farook’s iPhone and the FBI withdrew its formal...

If you own an Internet domain, you’ve got a target painted on your back and cyber criminals are coming for you. The target is your Whois...