Two Factor Authentication for WordPress

Hardening and securing WordPress websites is one of my specialties.  We have reported previously on three of the best WordPress security plugins, Sucuri, Bulletproof, and WordFence.  I can tell you that each of these plug-ins performed admirably against the continuous barrage of brute force and password reset attacks that my sites have endured.  Security appeared to be strong, but I wanted more.

I have been deploying two-factor authentication (TFA) everywhere I can, in order to overcome the inherent weakness of password ...

Continue Reading →
0

How Did They Take Over My Computer?

Computer breaches can happen many ways, but the two most common are stolen credentials, and phishing emails.  Credentials, your user name and password, sometimes are stolen from a web server breach, and then sold online on the criminal marketplaces.  Or sometimes you are tricked into giving them up on clever fake websites.  Phishing is one way that credentials are stolen.  The links in phishing emails often will direct the unwary user to the fake web page with the helpful web ...

Continue Reading →
0

The Growing Threat of Ransomware

The cyber-criminal underground has found a real moneymaker in the various forms of encryption based ransomware schemes.  These exploits turn all your readable work product, your documents, pictures, music and video files, into a collection of encrypted gibberish, and then kindly offers to sell you the decryption key.  I recently saw an infographic from Symantec on the Bromium blog that illustrated the problem perfectly.

ransomeware-infographic

What ...

Continue Reading →
0

Was Your Email Password Stolen?

Email_thumb2One of the very worst breaches that can happen to you is for an attacker to be able to access your email account.  If someone else can access your email, and read the messages you send and receive, and access your contact list and calendar, then they can learn many personal details about you that would make it easier to steal your identity, access other web accounts using the password reset process, ...

Continue Reading →
0

Now The FBI Can Legally Hack Your Computer

image_thumbA recent rule by the Supreme Court has given the FBI authority to hack your computer if it is inadvertently part of a criminal botnet.  Recent changes to a procedural rule known as Rule 41 allows the FBI to obtain a search warrant to use “network investigative techniques” or NIT (or more commonly called hacking) to search computers engaged in criminal activity anywhere in the world.  This includes innocent computer users ...

Continue Reading →
0

Watch Out For HawkEye

hawkeyeWe haven’t seen macro viruses for a while, but they are back. HawkEye a new variant of the resurgent use of unpatched vulnerabilities in Microsoft Word and other office documents.   Using macros, written in Visual Basic, attackers are using Word document attachments to run code on victim computers.

Last week we wrote about the Locky ransomware exploit that encrypts your data ...

Continue Reading →
0

If Only We Could Block Traffic From the Dark Web…

penetration_testTry to imagine how much bad stuff we could keep off our computers and networks if we could figure out a way to filter incoming traffic from the Dark Web.  Well maybe we can.

First, my apology in advance to my non-technical followers, this article may be a bit high level for the average user.

A post in Spiceworks from “Born2Frag”  goes ...

Continue Reading →
0

Comcast Subscribers: Change Your Password

comcastAccording to a post on Sophos, Comcast has reset the passwords on 200,000 customers after a security researcher discovered an advertisement on the Dark Web offering to sell 500,000 Comcast passwords in pain text for $1000 in BitCoin.  Investigation by Comcast found that “only” 200,000 of there accounts were active and proactively reset the passwords on all the affected accounts.  Comcast ...

Continue Reading →
0
Page 3 of 4 1234