Inside the Perimeter

razor-wireAh, the good old days, when perimeter defenses and endpoint security software was all you needed to keep your network secure.  Was it ever really that simple? Probably not, but many business owners and IT professionals are still hoping that keeping the firewall and antivirus updated is enough.

Over 90% of exploits start as an email in somebody’s inbox.  According to NSS Labs, 97% of all breaches are enabled by ...

Continue Reading →
0

The Internet of Insecure Security Things

cameraIf the title seems confusing, it is not your fault.  It is really tough to get my head around the epic failure of purported security companies who bring products like these to market.  This practically qualifies as fraud!

The first story is about a manufacturer of security camera and DVR systems.  This company is a white box manufacturer, in that they build products that are privately labelled by other ...

Continue Reading →
0

Adaptive Authentication To The Rescue

password1Keith Graham of SecureAuth was recently interviewed for a recent article on TechRepublic, and the subject of adaptive authentication came up.  He defined adaptive authentication this way:

“Adaptive authentication involves evaluating risk around the login process before the user even authenticates so that the system only steps up, or outright denies, the authentication when it deems a logon as a risk. Hence, it ...

Continue Reading →
0

Worst Passwords of 2015

bad-pwdHere are the 25 most commonly used passwords for 2014.  If your password is on this list, please understand that these passwords are among the first tried when automated password cracking software is used by a cyber-criminal.  So if yours is here, change it now.

Passwords are becoming problematic for several reasons.  The first, IMHO, is the use of email addresses as the user ID ...

Continue Reading →
0

Phishing and Spearphishing – Don’t Take The Bait!

Phishing HookHere’s a provocative statement:  If you could just prevent your staff for clicking on links or opening attachments in phishing emails, 95% of your cybersecurity problems would be prevented.

As perimeter defenses and anti-malware software products have become more effective, cyber-attackers have turned to the phishing email approach as their number one favorite method for acquiring user names and passwords or gaining unauthorized access to computers on your network.   The spearphishing ...

Continue Reading →
0

What Can I Do With Your Email Account?

Email_thumb2There are many online accounts that would be bad to lose control of, such as your Amazon, eBay, PayPal, or bank account.  But by the far the worst account to lose is your email account.  If I can trick you into giving me your email user ID and password, by using a phishing email, or phone pretext call, I will be in.  I can start off by simply observing, as I read your emails, ...

Continue Reading →
0

Password Tips for 2016

password1Passwords – Is mine strong enough?  How do I know?  Every time I write a password article I feel as if this subject has already been done to death by me and others.  But I always get more positive feedback on this subject than others I consider more interesting, so we offer the following suggestions:

  • Use different passwords for personal and work systems.  That way ...
Continue Reading →
0

Tips From FBI To Lower Your Online Profile

ic3I am getting posts from the FBI and the Internet Crime Complaint Center (IC3), and received this interesting warning on November 18th of last year.  This warning was sent to law enforcement and public officials, but if you have come to the point in your life were you are feeling a bit overexposed on the Internet, these tips can help you too.

For some of us, a few of these suggestions are ...

Continue Reading →
0

Business Cybersecurity Resolutions

newyear2016As we approach the new year it is traditional to make our New Year’s Resolutions.  Unfortunately, most resolutions are made but not kept, so I am a little reluctant to offer these ideas for improving your cybersecurity in the coming year.  But if you have not climbed on the cybersecurity bandwagon yet, you are definitely overdue. Pick a few of these ideas to implement in your business.

 

Here they are:

  • Stay informed about the ...
Continue Reading →
0
Page 7 of 10 «...56789...»