Collaborate Disseminate
The U.S. Social Security Administration will soon require Americans to use stronger authentication when accessing their accounts at ssa.gov. As part of the change, SSA will require all users to enter a username and password in addition to a one-time security code sent their email or phone. In this post, we’ll parse this a bit more and look at some additional security options for SSA users. Continue reading SSA.GOV To Require Stronger Authentication
Researchers said good social engineering and users’ trust in the convenience afforded by the OAUTH mechanism guaranteed Wednesday’s Google Docs phishing attacks would spread quickly. Continue reading 1 Million Gmail Users Impacted by Google Docs Phishing Attack
Researchers said good social engineering and users’ trust in the convenience afforded by the OAUTH mechanism guaranteed Wednesday’s Google Docs phishing attacks would spread quickly. Continue reading 1 Million Gmail Users Impacted by Google Docs Phishing Attack
Despite the myriad of security solutions deployed, breaches are still happening. Even with the most robust security solutions it seems that we’re failing with the fundamentals, with ever more sophisticated hacks infiltrating and bringing down networks or resulting in compromised data. For all the security solutions we can create, it’s people who are the first line of defence – but also the weakest link in the chain when it comes to your security defences. Isn’t … More → Continue reading Security and the human factor: Creating a positive user experience
Mike Mimoso talks to Duo Security co-founder and CTO Jon Oberheide at RSA Conference about Google’s BeyondCorp security model, enforcing perimeter security, how endpoint security has evolved through the years, and the future of passwords. Continue reading Jon Oberheide on Perimeter Security
The run-time application self protection security market showing growth, cloud based access provider Duo Security unveils new single sign on for SaaS Applications, AlienVault Research and much more here on Enterprise Security Weekly! Full Show Notes Vi… Continue reading Enterprise Security Weekly – Episode 16: News
Discuss privileged identity management with Paul and Santarcangelo. It is becoming more of trend. Full Show Notes Visit http://securityweekly.com/esw for all the latest episodes! http://traffic.libsyn.com/eswaudio/Enterprise_Security_Weekly_-_Episode_1… Continue reading Enterprise Security Weekly – Episode 16: Privileged Alphabet Soup
A recent ping from a reader reminded me that I’ve been meaning to blog about the security limitations of using cell phone text messages for two-factor authentication online. The reader’s daughter had received a text message claiming to be from Google, warning that her Gmail account had been locked because someone in India had tried to access her account. The young woman was advised to expect a 6-digit verification code to be sent to her and to reply to the scammer’s message with that code. Continue reading The Limits of SMS for 2-Factor Authentication
Mike Mimoso, Tom Spring and Chris Brook discuss the news of the week, including all things Android: the crypto weakness, the full disk encryption bypass, and new malware, Hummingbad, which impacts the mobile operating system. The three also discuss the… Continue reading Threatpost News Wrap, July 8, 2016
High-severity vulnerabilities were found in pre-installed software updaters present in consumer and business laptops from vendors such as Dell, HP, Lenovo, Asus and Acer. Continue reading Bloatware Insecurity Continues to Haunt Consumer, Business Laptops