Why Passwords Are A Soft Target

I have said it before, and I will repeat it now:  passwords by themselves are no longer a useful form of security.  The only option that makes passwords secure is two-factor authentication.  Today we embark on a two week investigation into passwords, why they are so easy to break, how your password might be compromised, and how to create a password system that is less vulnerable to exploitation.

Why are passwords so easy to crack?  Some of the answers we have ...

Continue Reading →
11
JUN
0

Computers and Internet, cybersecurity, passwords

Hacking Your Browser for Further Exploits

In our last post, we discovered the trove of personal information that our web browser saves automatically, in the form of cookies, temporary Internet files, code snippets, and stored passwords.  Today we learn how an attacker could use this information in further exploits against you.

Using the information stored in your browser, an attacker can build a detailed ...

Continue Reading →
23
MAY
0

cybersecurity, passwords, Software vulnerability

Password Spraying is a New Type of Brute Force Attack

Password spraying is a new password exploit that is being used effectively against larger networks.  It’s become enough of a problem to merit an alert from US-CERT entitled TA18-086A: Brute Force Attacks Conducted by Cyber ActorsHere’s how it works.

Typically, in a traditional brute-force password attack, the password cracking software runs a long list of every possible password against a system.  ...

Continue Reading →
30
APR
0

authentication, Computers and Internet, cybersecurity, passwords, Security, social engineering, Software vulnerability

Why Would Someone Hijack My Website?

If you own a small business, you have a website.  Would you be surprised to learn that your site is a top target of cyber-criminals?  Most people believe their business is too small and insignificant to be interesting to attackers, but your website is valuable to them precisely because it is small.

What makes a small business website an attractive ...

Continue Reading →
16
APR
0

Computers and Internet, crypto-currency, cybersecurity, malware, passwords, Phishing, ransomware, Security, social engineering, Web Design, WordPress

Income Taxes – File Early to Beat the Hacker

The early bird gets the worm.  The second mouse gets the cheese.  The late tax filer gets nothing.  Why?  April is tax fraud time.  The best way to avoid losing your tax refund to a scammer is to file as early as possible, before the tax fraudster can get it done.  Having said that, this information would be more valuable in January than in April.  From US-CERT.

Tax ...

Continue Reading →
2
APR
1

Computers and Internet, cybersecurity, Identity Theft, passwords, Phishing

,

Something You Are: Typing Cadence

What would it be like if you could identify yourself and authenticate your account by the way you type?  A Romanian company, TypingDNA, has created a Chrome extension that does just that.

I am a big advocate of two-factor authentication, but there are some problems.  One of the three types of authentication is biometrics, which is “something you are.”  NIST, in SP 800-63B ...

Continue Reading →
28
MAR
0

authentication, Computers and Internet, cybersecurity, passwords, Security

What Security Advice Do The Experts Offer?

I recently read an article from Heimdal Security about online safety.  In this article Heimdal had asked 18 experts in the field of cybersecurity for their top 3 ideas about how to stay secure.  The contributors included top cybersecurity professionals from several anti-malware companies, security bloggers, and cybersecurity industry professionals.  The original article is here.

What I found interesting were ...

Continue Reading →
7
MAR
0

authentication, backup, Computers and Internet, crapware, cybersecurity, encryption, Facebook, Identity Theft, Internet of Things, malware, passwords, Phishing, ransomware, Security, smartphones, social engineering, Trojan, Virus, Wi-Fi, wireless

Page 10 of 21 «...89101112...»