Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Ten Tips for New Cybersecurity Pros (free PDF)

New to cybersecurity?  Building a successful cybersecurity career begins with taking good foundational steps. In this ebook, two InfoSec professionals share their advice for those just starting out.


Want a Great Job with the FBI?  Launch a Bot-Net

A la “Catch Me If You Can” Frank Abignale fame, the three creators of the Mirai bot-net have been given probation and good jobs consulting for the FBI.


Vote now! Which web browser do you trust the most?

Your web browser goes with you everywhere on the web. But how much do you trust it?


ATT, Sprint, Verzion, T-Mobile to Replace Passwords With Authentication App

We have said for a while that the password is dead.  Project Verify from Verizon, AT&T, Sprint and T-Mobile aims to replace your password.


Will Microsoft finally kill the password with its Authenticator upgrade?

Microsoft has extended its support for password-less login using the app to the hundreds of thousands of Azure Active Directory-connected apps used by business, one of a series of security improvements announced at Ignite.


DNSSEC Key Signing Key Rollover

09/27/2018 07:52 PM EDT Original release date: September 27, 2018

On October 11, 2018, the Internet Corporation for Assigned Names and Numbers (ICANN) will be changing the Root Zone Key Signing Key (KSK) used in the Domain Name System (DNS) Security Extensions (DNSSEC) protocol.

DNSSEC is a set of protocol extensions used to digitally sign DNS information, an important part of preventing domain name hijacking. Updating DNSSEC KSK is a crucial security step in ensuring DNSSEC-validating DNS resolvers continue to function after the rollover. While DNSSEC validation is mandatory for federal agencies, it is not required of the private sector. Organizations that do not use DNSSEC validation will be unaffected by the rollover.


 

0

About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Serving small business owners in the St Paul, Minneapolis, and western Wisconsin area since 2001. Cybersecurity and hacking have been a passion of mine since I entered the computer and networking business in 2000. I hold several cybersecurity certifications including Certified Information Systems Security Professional (CISSP), Certified Advanced Security Pratitioner (CASP), and Certified Ethical Hacker (CEH). Other computer industry certifications include A+, Network+ and Microsoft Certified System Engineer (MCSE). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of security on their computers, networks, and websites. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. We also provide Cybersecurity Awareness Training for clients and their employees. I am a frequent speakers at cybersecurity conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference, the (ISC)2 World Congress, and the ISSA International Conference, and many local community organizations, Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2008.
  Related Posts

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.