Julie Conroy – WindowsTechs.com

A Breach, or Just a Forced Password Reset?

Posted on December 4, 2018 by BrianKrebs

Software giant Citrix Systems recently forced a password reset for many users of its Sharefile content collaboration service, warning it would be doing this on a regular basis in response to password-guessing attacks that target people who re-use passwords across multiple Web sites. Many Sharefile users interpreted this as a breach at Citrix and/or Sharefile, but the company maintains that’s not the case. Here’s a closer look at what happened, and some ideas about how to avoid a repeat of this scenario going forward. Continue reading A Breach, or Just a Forced Password Reset?→

Fiserv Flaw Exposed Customer Data at Hundreds of Banks

Posted on August 28, 2018 by BrianKrebs

Fiserv, Inc., a major provider of technology services to financial institutions, just fixed a glaring weakness in its Web platform that exposed personal and financial details of countless customers across hundreds of bank Web sites, KrebsOnSecurity has learned. Continue reading Fiserv Flaw Exposed Customer Data at Hundreds of Banks→

Simple Banking Security Tip: Verbal Passwords

Posted on November 6, 2017 by BrianKrebs

There was a time when I was content to let my bank authenticate me over the phone by asking for some personal identifiers (SSN/DOB) that are broadly for sale in the cybercrime underground. At some point, however, I decided this wasn’t acceptable for institutions that held significant chunks of our money, and I began taking our business away from those that wouldn’t let me add a simple verbal passphrase that needed to be uttered before any account details could be discussed over the phone. Continue reading Simple Banking Security Tip: Verbal Passwords→