Which means we all get into our cars and spend the day driving in reverse? Not quite. What this means for some of your that today is the day you quit kicking that can down the road and set up a data backup for your systems. Hardware, software, cloud – pick your poison and set it up.
For those of you who are already using a backup solution, today would be a ...
Continue Reading →
What would it be like if you could identify yourself and authenticate your account by the way you type? A Romanian company, TypingDNA, has created a Chrome extension that does just that.
I am a big advocate of two-factor authentication, but there are some problems. One of the three types of authentication is biometrics, which is “something you are.” NIST, in SP 800-63B ...
Continue Reading →
The problem with cybersecurity it that an attacker only needs to exploit a single vulnerability, while a defender needs to protect everything. Defense has evolved from perimeter defense, to defending all endpoints, to adding automated detection and prevention appliances, to universal threat management that looks at not just north/south traffic passing through the Internet gateway, but also east/west traffic across the LAN ...
A quick Saturday digest of cybersecurity news articles from other sources.A tiny US company called Grayshift is reportedly quietly touting software it claims can unlock Apple’s flagship handsets, the iPhone X and 8.
Did you know that most traffic across the Internet travels in an unencrypted state. And when you make an open wireless connection in a coffee bar or other public location, the radio connection is unsecured and unencrypted, too. This traffic travels as plain text, and can be read by anyone with the skills to intercept the traffic and open the data packets.
We ...
Continue Reading →
Often when I am writing about cybersecurity, the situation seems worse than ever. But its not more dangerous than its ever been, it dangerous in ways that its never been.
A team of Israeli researchers have cataloged 29 different USB exploits and attacks. These attacks can come disguised as a smartphone charger connection, or may come hidden on a USB thumb drive. Plugging an ...
Continue Reading →
In January we learned about a pair of cybersecurity vulnerabilities called Spectre and Meltdown. Discovered last summer by different security researchers, these vulnerabilities are proving difficult to mitigate because the problem exists in the way central processing units (CPUs) have been designed and manufactured. These processor cores are at the heart of all computer hardware, from PCs and servers, to ...
Bots are alive, well, and busy on the Internet, making up nearly half of Internet traffic. Bad bots are used by cyber-criminals and cyber attackers to automate harmful exploits and attacks, such as denial of service attacks, crypto-coin mining, data mining, information exfilitration, account hijacking, vulnerability scanning, spamming, and other illegal or illicit activities.
Not all bots are bad. Some of these site visitors are helpful, such as the automated bots ...
Continue Reading →
What if the biggest security risk your company faced was from an employee at a trusted vendor company? Third party risk management, or vendor risk management, is an emerging cybersecurity practice that larger companies are using to mitigate the risk that smaller, network connected third party and vendor companies can represent.
The classic example of the dangers a vendor can bring to another ...
Continue Reading →
I recently read an article from Heimdal Security about online safety. In this article Heimdal had asked 18 experts in the field of cybersecurity for their top 3 ideas about how to stay secure. The contributors included top cybersecurity professionals from several anti-malware companies, security bloggers, and cybersecurity industry professionals. The original article is here.
What I found interesting were ...
Continue Reading →