Problems with Multi-factor Authentication

I am admittedly a huge proponent of two-factor and multi-factor authentication.  For me, TFA, 2FA, and MFA have allowed the password some badly needed extended life as a secure authentication method.  With multi-factor authentication, losing your password to an attacker is not enough for them to gain access to and compromise a system, resource, or account.

Multi-factor authentication requires a user to log into ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Ten Tips for New Cybersecurity Pros (free PDF)

New to cybersecurity?  Building a successful cybersecurity career begins with taking good foundational steps. In this ebook, two InfoSec professionals share their advice for those just starting out.


Want a Great Job with the FBI?  Launch a Bot-Net

A la “Catch Me If You Can” Frank Abignale ...

Continue Reading →
0

Keeping Your Accounts Offline Is Not More Secure

You think you are the clever one because you never use the Internet for online banking, online shopping, or managing accounts like your retirement account, gas and electric utilities, telephone, cell phone, and Internet.  Open a Facebook account?  Never!  You think you are safer from account hijacking and identity theft because you never set up any online accounts.  If you don’t have it, they can’t hack it – right?  Wrong!

If ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


[INFOGRAPHIC] Introducing The Psychology of Passwords

From LastPass – It feels like almost every day there’s another data breach in the news, or a case of user credentials up for sale on the Dark Web. Despite the headlines, and repeated warnings from experts about weak passwords and the dangers of password reuse, users have yet to change their ...

Continue Reading →
0

Replacing Passwords and Pins with Icons

We have discussed the sorry state of passwords in many recent articles.  There is an alternative to passwords and pins that may be coming to a smartphone near you.  It is called SemanticLock and it uses emoji-like icons to unlock your smartphone.

Most smartphones go unsecured mainly because most people find it difficult to enter a password using the on-screen keyboard.  4 to 6 digit numeric PINs are ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Back-to-School Cyber Safety

08/10/2018 08:25 AM EDT  

Original release date: August 10, 2018

As summer break ends, many students will return to school with mobile devices, such as smart phones, tablets, and laptops. Although these devices can help students with their schoolwork and stay in touch with family and friends, there are risks associated with using them. However, ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


“Ghosting” is making the hiring process harder.

You found the perfect candidate and are ready to make an offer, then your “purple unicorn” stops responding to phone calls, texts, and emails.  What gives?  Not a tech issue, but more an HR issue.  Still, if you can’t find qualified technical staff, this might be an issue.


Continue Reading →
0

Password Spraying is a New Type of Brute Force Attack

Password spraying is a new password exploit that is being used effectively against larger networks.  It’s become enough of a problem to merit an alert from US-CERT entitled TA18-086A: Brute Force Attacks Conducted by Cyber ActorsHere’s how it works.

Typically, in a traditional brute-force password attack, the password cracking software runs a long list of every possible password against a system.  ...

Continue Reading →
0
Page 5 of 14 «...34567...»