Biometrics Not Really Secure

Two-factor and multi-factor authentication are becoming more important and more available as we struggle to secure our information from attackers. These factors are something you know, something you have, and something you are.   Biometrics (something you are) are one of the three factors used in computer, network, and application authentication.

Biometrics include thumbprint or fingerprint readers, palm scanners, iris and retinal scanners, facial recognition, speech recognition, and even arcane systems that detect ...

Continue Reading →
0

WireX Turns Android Phones into DDoS Botnet

WireX is a new botnet that runs on hijacked and compromised Android phones.  A bot-net is a collection of compromised devices that can be coordinated by the hijacker to work together on a certain task.  It might be bit-coin mining, or password cracking, or other tasks that require a lot of processing power.  This bot-net, like last year’s Mirai and ...

Continue Reading →
0

Sharing Your Boarding Pass Is A Bad Idea

Last Friday we covered some of the security issues travelers can face when staying at a hotel.  Today we are going to look at air travel – specifically the bad things that can happen to you if you carelessly discard or foolishly post a picture online of your airline boarding pass.

For some reason, people like to post images of their boarding passes on ...

Continue Reading →
0

Malicious Android Apps Steal Text Messages

Sophos Naked Security alerted us to two Android apps that are included in the Google Play Store as legitimate apps.  This makes these apps particularly dangerous, if you are following our advice to only install apps from legitimate sources.  Once installed, they download a plug-in that harvests your text messages and sends them to a web server.  Since the plug-in is downloaded after ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


NHS cyber-defender Marcus Hutchins charged in US

No good deed goes unpunished – WannaCry defender accused of earlier involvement in 2014 with the Kronos banking malware.


Watch out for the Android malware that snoops on your phone

From Sophos Naked Security – GhostCtrl, being distributed by rogue versions designed to look like legitimate apps, can ...

Continue Reading →
0

Smartphones Need Security Too

When a smartphone is stolen, it is a disaster.  You have just given the keys to your online life, your email, social media accounts, and credit cards you have synced with an app.  If you have the new smart locks on your home or office, you also gave them literal keys, the ability to open those locks.  If you have live camera feeds ...

Continue Reading →
0

Android Game Hides Crypto-Ransomware Exploit

There is a new encryption ransomware exploit hiding inside a spoofed copy of the popular Chinese game “King of Glory.”  Right now, this malware is affecting users in China, but it is a matter of time before another cyber-criminal group modifies it for English speaking victims.

This game is available on international gaming forums, and is being spread when gamers download a copy to ...

Continue Reading →
0

Should Facebook Manage Password Recovery?

Back on February 22nd, we discussed Facebook’s new Delegated Account Recovery feature.  Basically, if you should for some reason forget your password to any account, or lose your two-factor authentication device (smartphone), and can no longer get into your account, Facebook will help you recover the account, as long as it is one that is enrolled with Facebook.

This is not the same thing as password managers like DashLane or LastPass, although ...

Continue Reading →
0

The Top Cybersecurity Strategies That Prevent Targeted Attacks

According to the Department of Homeland Security (DHS), there are seven strategies that will prevent 85% of targeted attacks.  To this list I have added a few of my favorites.

  • Password Manager Programs – If you are truly going to have dozens or hundreds of unique and long passwords, you will need the help of a password manager program to keep them all straight, and enter ...
Continue Reading →
0
Page 1 of 3 123