Buy Your Password From 11-Year Old Girl?

Would you buy your password from an 11-year old girl?  I would, and maybe you should, too.  Mira Modi, an 11-year old New Yorker, has a very, very cool service called Diceware.  Using a technique developed by Arnold Reinhold, Mira uses dice to come up with a unique 6 word passphrase, which she will send to you in the US Mail.  Her fee is two bucks.

Understanding that passwords are cracked by cyber-criminals in one of two ways, either ...


How Secure Is Your Smartphone?

I read an article recently on Dark Matters, by Bob Monroe, that talked about smartphones from the perspective of an attacker – just how good of an attack surface is your average smartphone?  Pretty good, as it turns out, which is not so good for you and me.

The first problem is that these little computers are very chatty.  If they are turned on, they are talking to the nearest cell ...


Word and Excel Macro Viruses Are Back

Using BASIC or Visual BASIC programming scripts can add automation and other functions to documents created in the Microsoft Office productivity suite of products.  Unfortunately, this feature can be used by cyber-attackers to send malware exploits in otherwise innocuous looking documents that most people would open without a second thought.

The macro virus goes back to 1995, the most infamous being the Melissa email macro virus that caused $80 million in damages to US ...


Password Strategy Part 1

Today we start a three-article series on developing good password strategy for your small business.  As it happens, there is a great resource available courtesy of Her Majesty’s Government.  The British signals intelligence department, GCHQ, has published a guide to password policy entitled Password Guidance: Simplifying Your Approach.  This 12 page guide offers password advice in seven sections.  They are:

  • Change all default passwords on devices that you deploy on ...

Cost of Breach Per Record At $217

The new Ponemon Institute 2015 Cost of Data Breach report was released recently.  This report looks at the costs of 2015 large enterprise class data breaches, but there are some salient pieces of information for small business owners to consider when formulating their cyber security risk management plans.

The average cost per record lost in a data breach increased from $201 in 2014 to $217 in 2015.  Different sorts of records had different costs associated to them.  For instance, more detailed ...


Smartphone Kill Switches Are Here

Minnesota’s new smartphone “kill switch” law takes effect on July 1, 2015.  It requires that all smartphones sold in Minnesota come with a preinstalled kill switch or a free app which provides the same function.  A similar law in California takes effect on the same date, but requires all phones come with the app preinstalled.  Federal legislation has been proposed, but so far ...


US Announces It’s Game Over For Zeus Kingpin

The Gameover Zeus and related Neverquest banking Trojan exploits are one of the most truly frightening security nightmares facing small businesses and individuals.  These exploits allow a remote attacker to join you on an online banking session, and then transfer funds from your account after you thought the session was over.

The US State Department has placed a $3 million bounty on the head of Evgeniy Mikhailovich Bogachev, the criminal mastermind behind the Gameover ...


2FA–When a Password Is Not Enough

Two Factor Authentication, also known as 2FA or TFA, is becoming an attractive and more available alternative to using just a user name and password combination as your only online security.  Here’s why.

Typical security systems rely on some subset of the authentication triad:  something you know, something you have, or something you are.  Simple security methods rely on having one of the three.  This is the problem with simple security – an attacker simply needs to acquire the one bit ...
