Here’s a contribution from Orla Forrest at Irish cloud services provider Paradyn.
In this guide, we examine some emerging innovations that are helping organisations to bolster their security in 2019.
In 2019, organisations are facing an ever-growing range of cyber-threats. In fact, according to a 2018 study from Bromium, the cybercrime economy was estimated to be worth $1.5 trillion. As ...
Continue Reading →
Recently there were a couple of notable fails in biometric authentication. The fingerprint reader in Samsung’s Galaxy S10 and Note10 smartphones will allow any finger to open the phone if the user has installed a cheap screen protector film. In security parlance, this is a “fail-open” or “false positive” scenario. An update is pending. And Google’s new Pixel 4 phone’s facial recognition security ...
Your Personally Identifiable Information (PII) is one of the top targets of cyber-criminals. This information is valuable because it can be used for identity, fraud, tax refund fraud, loans and credit card applications, money transfers, phishing and spam campaigns, blackmail and extortion, fraudulent medical insurance claims, online shopping, and so much more. This information is packaged and sold on the Dark Web, and ...
Creating and remembering strong (long) passwords is a chore, and leads to poor security practices such as shorter passwords, reuse of passwords, and writing down passwords in a password list or book that could be stolen. The best way to create strong passwords and store them for use is a password manager.
The easiest password managers are found in popular web browsers such as Chrome, Firefox, and Edge. Safari uses the Apple ...
Continue Reading →
A quick Saturday digest of cybersecurity news articles from other sources.Original release date: October 4, 2019
The Microsoft Threat Intelligence Center (MSTIC) has released a blog post describing an increase in malicious cyber activity from the Iranian group known as Phosphorus. These threat actors are exploiting password reset or account recovery features to take control of targeted email accounts.
In a 30-day ...
Continue Reading →
The password represents one of the weakest links in the cybersecurity chain, and is frequently one of the opening points of an attack. Passwords can be collected in cleartext through phishing exploits such as an email link that directs you to a fake login page, or social engineering ploys such as bogus calls from “IT” or “tech support,” or keylogging software that captures the entire user name/password/web address triad. Passwords can ...
You might have heard that the founder of Twitter, Jack Dorsey, recently had his Twitter account hijacked. You are probably wondering how a tech-savvy founder of a technology company could possibly lose control of his account at his own company. Personally, I can’t think of anything more embarrassing. It turns out the culprit was his phone. Specifically, the SMS texts that ...
Is your company moving operations to the cloud? What about the cybersecurity aspects of protecting your data assets in the cloud? Are you relying on your partner/vendor to take care of securing your information? In light of the Paige Thompson indictment, it is apparent that relying too heavily on your vendor’s expertise and staff can open you ...
Is your home Wi-Fi router a gateway to invasion by cyber-criminals? According to recent findings by Consumer Reports, it very well could be. They tested 29 popular home routers, and were only able to recommend 6 basic Wi-Fi routers, and 3 more expensive Wi-Fi mesh routers. Mesh routers allow you to install several Wi-Fi access ...
Phishing for login credentials may still be the way most network breaches happen, but insecure use of remote desktop protocol is another favorite vulnerability used by attackers to enter a network.. Sophos Naked Security reported their findings on the use of RDP or the Remote Desktop Protocol as a launch vector for accessing and compromising ...