Better Two-Factor Security from Google Titan

This article is an amusing collision between our last two topics – the problems with two-factor and multi-factor authentication and our four-part story on Google’s data mining habits.  Google has developed and released their Titan MFA security key as a more secure way to implement multi-factor authentication that can’t be attacked through phishing and man-in-the-middle exploits.  So if you can stand ...

Continue Reading →
0

Hiding from the Biggest Spy on the Internet – Part 4

In our last three posts, we dissected the data collection program on one of the biggest Internet companies, the King of the Internet, Google.  Today we are going to provide you with a small set of options you can use to reduce and sometimes eliminate your exposure to data collection, and increase your privacy while online.  These solutions will work well not just against Google, but also against the data collection ...

Continue Reading →
0

The Biggest Spy on the Internet – Part 3

Now that I know everything about you, maybe I can predict what you are likely to do in the future.  In the first two parts of this report, we looked at Google and the many products and services that collect information about you, and just what kind of details are included in that informational trove.  Today we will see what that information can do.

Whether you call it bots, AI (artificial intelligence), ...

Continue Reading →
0

Problems with Password Manager Phone Apps

If you use a password manager app on your smartphone, it may be vulnerable to package name spoofing, which would allow the password manager’s autofill feature to enter your login credentials on a spoofed web form.  This vulnerability applies to popular apps from LastPass, Dashlane, Keeper, and 1Password.

I have been an advocate for password managers.  They are part of the solution to creating ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Ten Tips for New Cybersecurity Pros (free PDF)

New to cybersecurity?  Building a successful cybersecurity career begins with taking good foundational steps. In this ebook, two InfoSec professionals share their advice for those just starting out.


Want a Great Job with the FBI?  Launch a Bot-Net

A la “Catch Me If You Can” Frank Abignale fame, ...

Continue Reading →
0

Keeping Your Accounts Offline Is Not More Secure

You think you are the clever one because you never use the Internet for online banking, online shopping, or managing accounts like your retirement account, gas and electric utilities, telephone, cell phone, and Internet.  Open a Facebook account?  Never!  You think you are safer from account hijacking and identity theft because you never set up any online accounts.  If you don’t have it, they can’t hack it – right?  Wrong!

If you ...

Continue Reading →
0

SIM Swap Fraud Is Growing

In the middle of the day your cell phone mysteriously goes dead.  Later on, when you call the cell phone carrier, you find out that someone else pretending to be you has visited a store and claimed to have lost your phone.  Customer service agents moved your mobile number to a new SIM card on a new phone, and using your phone and other personal information gathered earlier through phishing scams ...

Continue Reading →
0

Replacing Passwords and Pins with Icons

We have discussed the sorry state of passwords in many recent articles.  There is an alternative to passwords and pins that may be coming to a smartphone near you.  It is called SemanticLock and it uses emoji-like icons to unlock your smartphone.

Most smartphones go unsecured mainly because most people find it difficult to enter a password using the on-screen keyboard.  4 to 6 digit numeric PINs are slightly ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Extortion Phish: Your Password is XXXX

One of my IT associates got an email that had one of her actual passwords in it, and threatened to reveal information unless she paid a ransom in Bitcoin.  This seems to be getting a lot of traction, so beware.  Do not pay the extortion demand. First, this is a scam.  They got ...

Continue Reading →
0

Where Does Cell Phone Location Data Go?

Have you ever wondered what happens to the location information your smartphone is collecting about you?  Who has access to that information, and for what purpose?  As it turns out, as told in a recent report by Brian Krebs, this information is available to pretty much anybody.

A related article in Sophos’ Naked Security blog pointed to a Continue Reading →

0
Page 1 of 6 12345...»