Authentication Without Passwords

The password represents one of the weakest links in the cybersecurity chain, and is frequently one of the opening points of an attack.  Passwords can be collected in cleartext through phishing exploits such as an email link that directs you to a fake login page, or social engineering ploys such as bogus calls from “IT” or “tech support,” or keylogging software that captures the entire user name/password/web address triad.  Passwords can ...

Continue Reading →
0

Ransomware Mitigation – Texas Shows How It Is Done

We recently wrote about the upsurge in ransomware attacks, and one of the examples in that article was the recent attack on about two dozen governmental and educational networks in the state of Texas.  Texas was initially tight lipped about what they were doing to mitigate the attack, in an effort to prevent the attackers from learning about their defensive strategies and systems, and adapting their attack ...

Continue Reading →
0

Ransom Variants Target Linux Servers

No one is immune from cyber-attacks anymore, and that includes Apple and Linux systems.  Lately there has been a lot of activity around crypto-ransomware attacks against Linux servers.  When you consider that a very large percentage of servers working on the Internet are running Linux under the hood, this is a critical issue.

February 2019 brought us the ransomware variant B0r0nt0k, which encrypted server contents and then demanded as much as 20 ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


How to become a cybersecurity pro: A cheat sheet (free PDF)

As cybercriminals grow more sophisticated and news of major breaches reach headlines nearly daily, cybersecurity professionals are in high demand: There are currently nearly 3 million unfilled cybersecurity jobs worldwide, ISC(2) found.


Watch Out for North Korean Malicious Cyber Activity

Original release date: ...

Continue Reading →
0

Ransomware Is Back and Worse Than Ever

A couple years ago, it looked like crypto-ransomware attacks were falling by the wayside.  Business email compromise (email account hijacking) and associated wire transfer fraud were becoming easier and more successful for cyber-criminals than ransomware.  I made some predictions in this blog and in public presentations that ransomware had seen it’s day.  Unfortunately, I was wrong.  In 2018 and ...

Continue Reading →
2
Page 4 of 170 «...23456...»