Remote Desktop Protocol is Still a Top Attack Vector

Phishing for login credentials may still be the way most network breaches happen, but insecure use of remote desktop protocol is another favorite vulnerability used by attackers to enter a network..  Sophos Naked Security reported their findings on the use of RDP or the Remote Desktop Protocol as a launch vector for accessing and compromising ...

Continue Reading →
0

Hash and Salt – A Recipe for Password Security

I love hash, especially corned beef hash, with a little salt.  Maybe a couple of poached or over-easy eggs perched on top.  Wait!  This is not a foodie blog!  That’s not what I am writing about today.  As it turns out, using a hash plus a salt is a great recipe for keeping passwords secure on a web server or an authentication database.

If your password has been extracted from a web ...

Continue Reading →
0

Replacements for Passwords

I have been saying for some time now that passwords by themselves are no longer an effective form of security.  Too easy to hack, too easy to crack.  Currently my go to recommendation is any form of two-factor authentication.  Something like the Google Authenticator App or Yubikey are good choices for your second authentication factor.

On the horizon there are other authentication options that may replace passwords entirely.  Here are a few:

  • DNA ...
Continue Reading →
0

Millions of Chinese-made IoT Devices Easily Hacked says Brian Krebs

If you bought a security camera, webcam, baby monitor, smart doorbell, digital video recorder or other IoT device manufactured in China, there is bad news.  Security flaws have been discovered that can easily  allow an attacker remote access, remote control, and password discovery on affected systems.  These devices can also be hijacked to use in a variety exploits including eavesdropping through ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


May the Fourth Be With You

It’s Star Wars Day!!  May the force be with you.  Jedis, Greys, and Sith unite for a day for video watching and beer.


Huge Win 10 version 1903 requires 32 GB to install

You might want to check your free space on your C drive before Patch Tuesday ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Tax Identity Theft: Protecting Your Credit and Finances

Check this out from the Simple Dollar.  Tax-related identity theft is a growing problem in America, and the more security breaches, information hacks and digital business we do as a society, the more consumers who fall victim to it. In fact, in 2016 alone, thieves stole more than $21 ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Steps To Take If You Are the Victim of Identity Theft.

It can be overwhelming to learn you’ve been a victim of identity theft. As in your case, crimes involving identity theft and credit fraud are often committed online.


How to share photos without using Facebook

There are other options for photo sharing ...

Continue Reading →
0

Authentication without Passwords?

I have been warning about the weakness of the password for a number of years.  Passwords no longer provide strong security.  Passwords are too easy to crack using automated techniques, and are stored insecurely in many environments.  Most passwords are too short, or easily guessable.  Many users reuse the same password on multiple sites.  But the password remains the most popular form of authentication among most users.  Two-factor and multi-factor authentication ...

Continue Reading →
0
Page 1 of 12 12345...»