Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

Ten Tips for New Cybersecurity Pros (free PDF)

New to cybersecurity?  Building a successful cybersecurity career begins with taking good foundational steps. In this ebook, two InfoSec professionals share their advice for those just starting out.

Want a Great Job with the FBI?  Launch a Bot-Net

A la “Catch Me If You Can” Frank Abignale fame, the three creators of the Mirai bot-net have been given probation and good jobs consulting for the FBI.

Vote now! Which web browser do you trust the most?

Your web browser goes with you everywhere on the web. But how much do you trust it?

ATT, Sprint, Verzion, T-Mobile to Replace Passwords With Authentication App

We have said for a while that the password is dead.  Project Verify from Verizon, AT&T, Sprint and T-Mobile aims to replace your password.

Will Microsoft finally kill the password with its Authenticator upgrade?

Microsoft has extended its support for password-less login using the app to the hundreds of thousands of Azure Active Directory-connected apps used by business, one of a series of security improvements announced at Ignite.

DNSSEC Key Signing Key Rollover

09/27/2018 07:52 PM EDT Original release date: September 27, 2018

On October 11, 2018, the Internet Corporation for Assigned Names and Numbers (ICANN) will be changing the Root Zone Key Signing Key (KSK) used in the Domain Name System (DNS) Security Extensions (DNSSEC) protocol.

DNSSEC is a set of protocol extensions used to digitally sign DNS information, an important part of preventing domain name hijacking. Updating DNSSEC KSK is a crucial security step in ensuring DNSSEC-validating DNS resolvers continue to function after the rollover. While DNSSEC validation is mandatory for federal agencies, it is not required of the private sector. Organizations that do not use DNSSEC validation will be unaffected by the rollover.



About the Author:

Cybersecurity guru to business owners in the St Paul, Minneapolis, and western Wisconsin area. Computer security and hacking have been a passion of mine since I entered the computer and networking business in 2000. In 2013 I completed a course of study and certification exam to become a Certified Ethical Hacker (CEH). In 2016 I was certified as a Certified Information Systems Security Professional (CISSP). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of computer security, network security, and web site security. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also provide Cybersecurity Awareness Training for clients and their employees. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. The views expressed on this Web site are mine alone and do not necessarily represent the views of my employer.
  Related Posts

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.