Bad Passwords Still Allowed

The Sophos Naked security blog ran an article in August that was a disappointing revelation about major online brands that allow ridiculously easy user passwords.  Just because a web site will permit you to use a bad password, doesn’t mean you should.  Our current recommendation is to use passwords of at least 15 characters, and couple that with two-factor authentication at every opportunity.

The password management program Dashlane performed an audit of 37 online brands and rated their ...

Continue Reading →
22
SEP
0

authentication, Computers and Internet, cybersecurity, passwords

Biometrics Not Really Secure

Two-factor and multi-factor authentication are becoming more important and more available as we struggle to secure our information from attackers. These factors are something you know, something you have, and something you are.   Biometrics (something you are) are one of the three factors used in computer, network, and application authentication.

Biometrics include thumbprint or fingerprint readers, palm scanners, iris and retinal scanners, facial recognition, speech recognition, and even arcane systems that ...

Continue Reading →
20
SEP
0

authentication, Computers and Internet, cybersecurity, passwords, smartphones

What You Can Do After The Equifax Breach

The Equifax breach has been all over the news this weekend, and it should be.  This is worse than they are telling us.  It most certainly DOES affect you, if you are adult and have ever purchased a car or opened a credit card account.  Don’t wait to be told you are a victim.  Assume you are a victim.

In a world where we are all suffering from “breach fatigue,” having suffered through dozens if not hundreds of these revelations about ...

Continue Reading →
11
SEP
0

Computers and Internet, cybersecurity, Identity Theft, News and politics, passwords, Phishing, social engineering

Email Account Hijacking – Part 4 Prevention and Dectection

Last week we went deep on the subject of just how bad losing control of your email account can be.  Today we are wrapping up the four-part series with solutions to help you prevent email account compromise from happening, how to detect if it has already happened to you, and how to recover if that is the case.

Prevention is the best solution.  Your email account is one of the crown ...

Continue Reading →
31
JUL
0

authentication, Computers and Internet, cybersecurity, passwords, Phishing, social engineering

Email Account Hijacking – Part 3 Extending the Exploit

On Monday and Wednesday we looked at email account hijacking, how it happens, and what can happen after the account is controlled by an attacker.  Today we will see how an attacker could use the beachhead they established in your email account to extend their intrusion.

They have already proven that you are susceptible to phishing and other social engineering exploits.  So sending the victim other phishing emails that allow more ...

Continue Reading →
28
JUL
0

authentication, Computers and Internet, cybersecurity, Identity Theft, malware, passwords, Phishing, ransomware, Security, social engineering, Spyware, surveillance, Trojan, Web Design, WordPress

What Can I Do With A Hijacked Email Account? Part 2

On Monday we opened this discussion about hijacked email accounts, and showed some examples of the phishing tricks that attackers use to get you to reveal your email password.  Today we will explore the many useful and profitable exploits that a compromised email account offers a cyber-criminal or other attacker.

I consider email account compromise to be one of the most personally harmful cyber-exploits.  When another person has access to your ...

Continue Reading →
26
JUL
0

authentication, Computers and Internet, cybersecurity, Dark Web, Identity Theft, passwords, Phishing, ransomware, Security, social engineering, surveillance, Trojan

What Can I Do With A Hijacked Email Account? Part 1

Let’s say I just hijacked your email account.  What can I do with it?

First thing, a hijacker would not announce his or her presence in your account.  Staying undetected is important so you do not change your password.  Depending on what the attacker is doing with your email account, there is a significant probability that you would not know your account was compromised for several days, weeks, or even years!

In ...

Continue Reading →
24
JUL
0

authentication, cybersecurity, Dark Web, Identity Theft, passwords, Phishing, social engineering, surveillance

The War for Your Inbox

I recently gave a presentation titled “Email Security – Resist That Click” on May 23 2017 at the Phipps Theatre in Hudson WI.  This event was sponsored by First State Bank and Trust of Bayport MN.  I was also asked to present this topic at the MnCCC Conference (Minnesota Counties Computer Consortium) in Alexandria MN on Wednesday June 7, 2017.  This presentation was titled “The War for Tour Inbox.”

First State Bank and Trust had my presentation video recorded, and it ...

Continue Reading →
28
JUN
0

Computers and Internet, cybersecurity, Identity Theft, passwords, Phishing, ransomware, Security, training

Page 13 of 21 «...101112131415...»