I am admittedly a huge proponent of two-factor and multi-factor authentication. For me, TFA, 2FA, and MFA have allowed the password some badly needed extended life as a secure authentication method. With multi-factor authentication, losing your password to an attacker is not enough for them to gain access to and compromise a system, resource, or account.
Multi-factor authentication requires a user to log into ...
Continue Reading →
A quick Saturday digest of cybersecurity news articles from other sources.If you have a Symantec certificate on your HTTPS website, Chrome 70 and Firefox 63 will both be disowning any web certificates signed by Symantec. From this month forward, anyone with Chrome or Firefox who browses to a web page “secured” with a Symantec certificate will see an unequivocal warning insisting ...
Continue Reading →
Today we are featuring a guest column written by Jann Chambers at UK Web Host Review.
If there is one thing that all website owners today need to be concerned about it is website security. This is especially the case if you take online payments for your products and services.
You only need to do a quick search online and you will ...
Continue Reading →
So you think you want to be a cybersecurity professional? Or maybe you know (or are) a middle school (that’s right, start ’em young), high school, or college student who is looking at cybersec as a career path. What personality characteristics would you need to be successful? What drives, motivates, and challenges a cybersecurity professional? Just what kind of wingnut ...
If you use a password manager app on your smartphone, it may be vulnerable to package name spoofing, which would allow the password manager’s autofill feature to enter your login credentials on a spoofed web form. This vulnerability applies to popular apps from LastPass, Dashlane, Keeper, and 1Password.
I have been an advocate for password managers. They are part of the solution to ...
Continue Reading →A quick Saturday digest of cybersecurity news articles from other sources.10/02/2018 06:32 AM EDT Original release date: October 02, 2018
October is National Cybersecurity Awareness Month (NCSAM), an annual campaign to raise awareness about cybersecurity. The National Cyber Security Alliance (NCSA) has published general tips to ...
Continue Reading →
We have entered the age of cyber war. Believe it or not, cyber war operations are going on right now in many places across the globe. Most of these operations are covert, and often hard to attribute directly to a particular nation-state or adversary.
Marc Cancian has written a gripping report titled Coping with Surprise in Great Power Conflicts. ...
Continue Reading →
The best defense is a good offense. Especially if you are “defending forward.” So what does that mean?
The US Cyber Command has a new leader. Lt. Gen. Stephen G. Fogarty assumed command of U.S. Army Cyber Command on June 1, 2018. His mission is to make Cyber Command more aggressive in its response to cyber-attacks on assets in the United States. ...
Continue Reading →
What if there was a simple change you could make to your computer’s network configuration that would go a long way to protecting you from picking up malware on the Internet. This change could even protect you from accidentally clicking on malicious links in phishing emails. What if this simple fix could keep malware already on your computer from “phoning home” to the ...
A quick Saturday digest of cybersecurity news articles from other sources.and
10/03/2018 10:56 AM EDT Original release date: October 03, 2018
The National Cybersecurity and Communications Integration Center (NCCIC) has received multiple reports of advanced persistent threat (APT) actors actively exploiting trust relationships in ...
Continue Reading →