computer security – Page 2 – WindowsTechs.com

Bypassing Two-Factor Authentication

Posted on April 1, 2022 by Bruce Schneier

These techniques are not new, but they’re increasingly popular:

…some forms of MFA are stronger than others, and recent events show that these weaker forms aren’t much of a hurdle for some hackers to clear. In the past few months, suspected script kiddies like the Lapsus$ data extortion gang and elite Russian-state threat actors (like Cozy Bear, the group behind the SolarWinds hack) have both successfully defeated the protection.

[…]

Methods include:

Sending a bunch of MFA requests and hoping the target finally accepts one to make the noise stop.
…

Continue reading Bypassing Two-Factor Authentication→

To guard against data loss and misuse, the cybersecurity conversation must evolve

Posted on July 1, 2021 by Ram Iyer

People — not applications, networks or endpoints — have become the primary security perimeter in today’s cloud-first, choose-the-handiest-device, collaboration-obsessed world. Continue reading To guard against data loss and misuse, the cybersecurity conversation must evolve→

Paul van Oorschot’s Computer Security and the Internet

Posted on June 17, 2021 by Bruce Schneier

Paul van Oorschot’s webpage contains a complete copy of his book: Computer Security and the Internet: Tools and Jewels. It’s worth reading.
Continue reading Paul van Oorschot’s Computer Security and the Internet→

Enterprise security attackers are one password away from your worst day

Posted on April 16, 2021 by Ram Iyer

IT organizations must shift their enterprise security strategy to detect credential-based attacks before they become a problem. Continue reading Enterprise security attackers are one password away from your worst day→

PlexTrac raises $10M Series A round for its collaboration-centric security platform

Posted on April 14, 2021 by Frederic Lardinois

PlexTrac, a Boise, ID-based security service that aims to provide a unified workflow automation platform for red and blue teams, today announced that it has raised a $10 million Series A funding round led by Noro-Moseley Partners and Madrona Venture Group. StageDot0 ventures also participated in this round, which the company plans to use to […] Continue reading PlexTrac raises $10M Series A round for its collaboration-centric security platform→

Mysterious Macintosh Malware

Posted on March 2, 2021 by Bruce Schneier

This is weird:

Once an hour, infected Macs check a control server to see if there are any new commands the malware should run or binaries to execute. So far, however, researchers have yet to observe delivery of any payload on any of the infected 30,00… Continue reading Mysterious Macintosh Malware→

Base Operations raises $2.2 million to modernize physical enterprise security

Posted on February 11, 2021 by Darrell Etherington

Typically when we talk about tech and security, the mind naturally jumps to cybersecurity. But equally important, especially for global companies with large, multinational organizations, is physical security — a key function at most medium-to-large enterprises, and yet one that to date, hasn’t really done much to take advantage of recent advances in technology. Enter […] Continue reading Base Operations raises $2.2 million to modernize physical enterprise security→

A Look at the Computer Security Act of 1987

Posted on December 2, 2020 by Tripwire Guest Authors

U.S. Federal Cybersecurity Today Computer security regulations have come a long way from their early beginnings. Even before the Federal Information Security Management Act (FISMA), there was the Computer Security Act of 1987 (CSA). The Computer Secur… Continue reading A Look at the Computer Security Act of 1987→

Ivanti has acquired security firms MobileIron and Pulse Secure

Posted on December 1, 2020 by Zack Whittaker

IT security software company Ivanti has acquired two security companies: enterprise mobile security firm MobileIron, and corporate virtual network provider Pulse Secure. In a statement on Tuesday, Ivanti said it bought MobileIron for $872 million in stock, with 91% of the shareholders voting in favor of the deal; and acquired Pulse Secure from its parent […] Continue reading Ivanti has acquired security firms MobileIron and Pulse Secure→

Enso Security raises $6M for its application security management platform

Posted on October 28, 2020 by Frederic Lardinois

Enso Security, a Tel Aviv-based startup that is building a new application security platform, today announced that it has raised a $6 million seed funding round led by YL Ventures, with participation from Jump Capital. Angel investors in this round include HackerOne co-founder and CTO Alex Rice; Sounil Yu, the former chief security scientist at […] Continue reading Enso Security raises $6M for its application security management platform→