multi-factor authentication Archives

If You Connect It, Protect It

Keeping our connected devices secure has become easier – and harder! Easier because we have more tools to defend our online assets, and harder because the opposition has grown much larger and become more sophisticated. And the enemy is not limited to criminals, there are terrorist groups, nation-state sponsored cyber operations teams, hacktivists, and other with malicious intent and nefarious schemes.

When I started writing this blog in October 2006, almost ...

Continue Reading →

5
OCT

0

Share

Computers and Internet, cybersecurity, cyberwar, hacktivism, Internet of Things, multi-factor authentication

NCSA

Double Checking Your Amazon Account Security

Losing control of a major online shopping account like your Amazon account is a huge problem. An account hijacker could purchase all sorts of high end goods, jewelry, electronics, gift cards. Really, almost anything is for sale on Amazon. If you have a Prime membership, an attacker also has access to your video and music streaming account as well. This access can ...

Continue Reading →

18
MAY

0

Share

account hijacking, cybersecurity, multi-factor authentication

Give Yourself A Google Account Security Checkup

If you use Google for anything (and who doesn’t), it is a good idea to periodically check your your Google account security settings. If you have an Android phone, then there is a Gmail account attached to the phone, whether you use it or not. This account is tied to the GPS location history generated by your phone. It is also attached to Google Calendar, Google Contacts, Google Photos, any ...

Continue Reading →

13
MAY

0

Share

account hijacking, Android, Google, multi-factor authentication, passwords

Tomorrow is World Password Day

I have been predicting the death of the password for several years now, but all of us are still using them, even if they are easily stolen, cracked, or bypassed. A password by itself is not all that secure anymore. But there are several simple steps you can take to make them more secure.

Do not:

Do not use personal information. Information such as your name, or the name of your pet, ...

Continue Reading →

6
MAY

0

Share

cybersecurity, multi-factor authentication, passwords

How Secure is Your Tech Support Company?

Is your computer technology Managed Service Provider (MSP) the weakest link in your supply chain security program? Are they the easiest point of entry for an attacker? Your contracted tech support provider holds keys to your computer network that are coveted by cyber-attackers. MSPs are commonly targeted by cyber-criminal groups and other bad actors because MSPs ...

Continue Reading →

1
APR

0

Share

account hijacking, authentication, cybersecurity, insider threat, multi-factor authentication, Phishing, social engineering

managed service provider, MSP, supply chain security, third party vendor security

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

8 Shopping Tips for the Holiday Season

November 2019 Volume 14 Issue 11

From the desk of Thomas F. Duffy, MS-ISAC Chair

It’s that time of year again, holiday shopping has begun! Everyone is looking for those unique gifts, hot toys and cool electronics. Whether it is a hard-to-find toy for kids or the latest 4K ...

Continue Reading →

23
NOV

0

Share

cybersecurity, multi-factor authentication, Web Design, Weekend Update

Fancy Bear, Olympics, PHP

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

The Ransomware Victim that Hacked Back and Got the Keys to the Kingdom

The idea of hacking back against those who hack you has been called a lot of things. The terms “goofy idea” and “illegal” are some we’ve heard. But for a ransomware victim in Germany, you can add the words “sweet revenge.” And not ...

Continue Reading →

2
NOV

0

Share

cybersecurity, Dark Web, encryption, multi-factor authentication, ransomware, training, Weekend Update

election fraud

Authentication Without Passwords

The password represents one of the weakest links in the cybersecurity chain, and is frequently one of the opening points of an attack. Passwords can be collected in cleartext through phishing exploits such as an email link that directs you to a fake login page, or social engineering ploys such as bogus calls from “IT” or “tech support,” or keylogging software that captures the entire user name/password/web address triad. Passwords ...

Continue Reading →

11
OCT

0

Share

authentication, multi-factor authentication, passwords

Ransomware Mitigation – Texas Shows How It Is Done

We recently wrote about the upsurge in ransomware attacks, and one of the examples in that article was the recent attack on about two dozen governmental and educational networks in the state of Texas. Texas was initially tight lipped about what they were doing to mitigate the attack, in an effort to prevent the attackers from learning about their defensive strategies and systems, and adapting their ...

Continue Reading →

9
OCT

1

Share

cybersecurity, multi-factor authentication, ransomware

Lateral Phishing – A New Threat to Business Email

Phishing is getting better and harder to detect. One new trend is using hijacked business email accounts to pivot further into a business, by using the built in trust of the company’s email domain to send phishing emails that appear to come from coworkers. These phishing emails from trusted sources are used to hijack other email accounts in the same company. This ...

Continue Reading →

31
JUL

0

Share

Computers and Internet, cybersecurity, email, multi-factor authentication, passwords, Phishing