If you use a password manager app on your smartphone, it may be vulnerable to package name spoofing, which would allow the password manager’s autofill feature to enter your login credentials on a spoofed web form. This vulnerability applies to popular apps from LastPass, Dashlane, Keeper, and 1Password.
I have been an advocate for password managers. They are part of the solution to creating ...
Continue Reading →
A quick Saturday digest of cybersecurity news articles from other sources.
New to cybersecurity? Building a successful cybersecurity career begins with taking good foundational steps. In this ebook, two InfoSec professionals share their advice for those just starting out.
A la “Catch Me If You Can” Frank Abignale ...
Continue Reading →
You think you are the clever one because you never use the Internet for online banking, online shopping, or managing accounts like your retirement account, gas and electric utilities, telephone, cell phone, and Internet. Open a Facebook account? Never! You think you are safer from account hijacking and identity theft because you never set up any online accounts. If you don’t have it, they can’t hack it – right? Wrong!
If ...
Continue Reading →
In the middle of the day your cell phone mysteriously goes dead. Later on, when you call the cell phone carrier, you find out that someone else pretending to be you has visited a store and claimed to have lost your phone. Customer service agents moved your mobile number to a new SIM card on a new phone, and using your phone and other personal information gathered earlier through phishing ...
We have discussed the sorry state of passwords in many recent articles. There is an alternative to passwords and pins that may be coming to a smartphone near you. It is called SemanticLock and it uses emoji-like icons to unlock your smartphone.
Most smartphones go unsecured mainly because most people find it difficult to enter a password using the on-screen keyboard. 4 to 6 digit numeric PINs are ...
Continue Reading →A quick Saturday digest of cybersecurity news articles from other sources.
One of my IT associates got an email that had one of her actual passwords in it, and threatened to reveal information unless she paid a ransom in Bitcoin. This seems to be getting a lot of traction, so beware. Do not pay the extortion demand. First, this is a scam. They ...
Continue Reading →
Have you ever wondered what happens to the location information your smartphone is collecting about you? Who has access to that information, and for what purpose? As it turns out, as told in a recent report by Brian Krebs, this information is available to pretty much anybody.
A related article in Sophos’ Naked Security blog pointed to a ...
Continue Reading →
The latest trend in the card payment universe are the mobile payment apps that let you use a smart watch or smartphone in place of a credit card. Just how secure are these payment systems? One of my regular readers, Eric Morley, owner of Big Frog Custom T-Shirts in Woodbury, MN, asked me that question via LinkedIn, and I thought it was a great idea for an ...
Tomorrow is World Password Day. WPD is observed on the first Thursday of May. So today would be a great day to take your passwords out to Valley Fair or a movie – wait a minute, that’s silly. You only can do that if you have all your password in a spiral notebook.
A quick Saturday digest of cybersecurity news articles from other sources.A tiny US company called Grayshift is reportedly quietly touting software it claims can unlock Apple’s flagship handsets, the iPhone X and 8.