If you are a high risk or high net worth user of Google’s popular Gmail platform, Google Drive, or other Google services such as YouTube or Google Analytics, Google has come up with an advanced security program for you.
Thanks to Datarecovery.com, for alerting us to this issue. They have seen a high number RDP (Remote Desktop Protocol) attacks lately. Generally, these attacks are targeting Microsoft Windows-based servers, where port 3389 has been left open.
The attacker scans for open port 3389, and then uses a password dictionary attack to break the server password. Once the password is found, the attacker can exploit the server or sell access to the server ...Continue Reading →
H.R.4036 – formerly called the Active Cyber Defense Certainty (ACDC) Act and informally called the hack-back bill – was introduced as an amendment to the Computer Fraud and Abuse Act (CFAA) last week. Introduced by Georgia Republican Tom Graves, and Arizona Democrat Kyrsten Sinema, in the House of Representatives. ...Continue Reading →
From the Smithsonian. Last week, Saudi Arabia, became the first in the world to grant citizenship to a robot during a technological summit held in its capital. Sophia, created by Hanson Robotics, is designed to look like Audrey Hepburn and possesses advanced artificial intelligence. She can ...Continue Reading →
A recent test of web browsers by NSS Labs showed the Microsoft’s much maligned Edge browser beat Chrome and Firefox by wide margins in its ability to detect and block malicious downloads embedded in phishing landing pages and other malware infected web pages. Edge version 38 blocked 96% of malware samples in the form of malicious links and pop-ups, compared with 88% for Chrome version 60 and 70% for Firefox ...Continue Reading →
If you own or manage a small business that is part of the DOD supply chain, then you should be well on your way to completing the 130+ item compliance checklist as set out in NIST 800-171. Compliance needs to be in place by the end of 2017, only a few months away. Because I am working with a few clients that this ...Continue Reading →
We have covered this issue before, but it bears repeating. The new NIST Digital Identity Guidelines are out, and they have thrown out some old password chestnuts because they did not work, or did not work as intended.
Below are the significant changes to password policy.
Veteran’s day is a remembrance of all U.S. military veterans – past and present. It is celebrated every November 11th, and has been a federal holiday since 1926.
10/31/2017 08:14 AM EDT Original release date: October 31, 2017
Building resilience in critical infrastructure ...Continue Reading →
Websites are a popular target for cyber-criminals, because they offer a platform for malicious activity. A hijacked website can be used for hosting malware downloads or phishing landing pages. Personal information stored in a website database about site users, including user names and passwords and other personal information can be extracted, decrypted, and sold on the Dark Web.
I have devoted many articles to properly securing WordPress websites. Now there is a ...Continue Reading →
Not everyone can hire a cyber security expert. Globally, 70% of employers plan to increase the size of their cybersecurity staff this year. Not only is there ...Continue Reading →