Yes you are reading the headline correctly, and no I am not out of my mind. The current crop of Microsoft products including the Windows 7, 8.1, and 10 operating systems are some of the best products in their class from a cybersecurity standpoint. This is according to a recent article in the New York Times, as well as from Microsoft’s new ...
One of the security practices that I am always looking for is two-factor or multi-factor authentication. This is when you need a user name, a password, and a special code or device to provide the second authentication factor.
I have been using Google Authenticator with my extensive set Google accounts and with the password manager LastPass. I was happy to learn that I can ...
Continue Reading →
Just received an email from WordFence, the WordPress security plugin-developer, that popular WordPress hosting company WPEngine had a breach that may have included customer user name and password information. The full text of the email I received follows.
Continue Reading →“We learned about an hour ago that there has been a data breach at WPEngine. Some of their customer login credentials have been exposed. ...
I was surprised to discover proof that my business is a target of cyber-criminals. After installing some security and reporting tools on my websites, I was alerted to the almost constant state of attack that they were under. And all I am doing is writing a cybersecurity blog. And you, dear reader, what of your business? There is a good chance that you are too, but simply don’t know it ...
According to a post on Sophos, Comcast has reset the passwords on 200,000 customers after a security researcher discovered an advertisement on the Dark Web offering to sell 500,000 Comcast passwords in pain text for $1000 in BitCoin. Investigation by Comcast found that “only” 200,000 of there accounts were active and proactively reset the passwords on all the affected accounts. ...
Would you buy your password from an 11-year old girl? I would, and maybe you should, too. Mira Modi, an 11-year old New Yorker, has very very cool service called Diceware. Using a technique developed by Arnold Reinhold, Mira uses dice to come up with a unique 6 word passphrase, which she will send to you in the US Mail. Her fee is two bucks.
Understanding that passwords are cracked by cyber-criminals one of two ways, either ...
Continue Reading →
I read an article recently on Dark Matters, by Bob Monroe, that talked about smartphones from the perspective on an attacker – just how good of an attack surface is your average smartphone? Pretty good, as it turns out, which is not so good for you and me.
The first problem is that these little computers are very chatty. If they are turned on, they are talking to the nearest ...
Continue Reading →
Using BASIC or Visual BASIC programming scripts can add automation and other functions to documents created in the Microsoft Office productivity suite of products. Unfortunately, this feature can be used by cyber-attackers to send malware exploits in otherwise innocuous looking documents that most people would open without a second thought.
The macro virus goes back to 1995, the most infamous being the Melissa email macro virus that $80 million in damages to ...
Continue Reading →
I know I usually focus on writing articles that are useful to the average business owner or computer user, but I received something in my inbox recently that I just have to share. This is from another blog on Postmodern Security titled “MALWARE ANALYSIS AND INCIDENT RESPONSE TOOLS FOR THE FRUGAL AND LAZY”. If you are a cybersecurity professional ...
Today we start a three article series on developing good password strategy for you small business. As it happens, there is a great resource available courtesy of Her Majesty’s Government. The British signals intelligence department, GCHQ, has published a guide to password policy entitled Password Guidance: Simplifying Your Approach. This 12 page guide offers password advise in seven sections. They are: