You are here
Home > Posts tagged "Tech Republic" (Page 2)

How to protect your organization against targeted phishing attacks

It's not complicated, just difficult...: [...] At a minimum, answer these three first: 1) Who in my organization is being targeted by attackers?The answer is not as simple as looking at the top tiers of your org chart; 2) What types of attacks are they facing?Knowing the lures and traps attackers are using can help you better position your defenses; and 3) How can I minimize risk if these attacks get through?The answer is to use the information you've gathered to deliver the

How MIT researchers use machine learning to detect IP hijackings before it occurs

This smacks of Minority Report pre-crime. I like it...: [...] To zero in on serial IP hijackings, the team grabbed information from network operator mailing lists and from historical BGP data taken every five minutes from the global routing table. By analyzing that information, they were able to detect specific traits of hijackers and then train their system to automatically identify those traits. Specifically, the machine learning system tagged networks with three key tr

How businesses could be exposed to security risks from employees using FaceApp

Where the app itself may not be as risky as some jittery US Senators think, it's generally a bad idea for employees to download unauthorised apps onto corporate devices. My twitter feed is swamped with discussions about this years-old app. It's truly "gone viral"...: [...] FaceApp CEO Yaroslav Goncharov talked to TechRepublic about the safety of his app. "FaceApp performs most of the photo processing in the cloud. We only upload a photo selected by a user for editing. We nev

How fraudulent domain names are powering phishing attacks

It's ironic that many legitimate still haven't migrated to https. All the while the fraud sites are getting more sophisticated...: The proliferation of alternative, "generic" TLDs—such as .app and .online—as well as the ability to register domain names using non-latin characters are enabling phishing attacks, according to the 2019 Proofpoint Domain Fraud Report, published Tuesday. Since ICANN—the organization responsible for administration of the domain name system—began del

Seriously, stop using qwerty as a password–enlist these password strategies instead

There's some good advice here. One resource I haven't used before is this one "If your password has been PWNED, make sure to change your password as soon as possible and make it unique for each site. There is a special government service that can help you check:"... World Password Day is held on the first Thursday each May with the intention to promote more effective password usage. Strategies related to this involve complex passwords, two-factor a

Why open sourcerors might want to ditch Android for iOS

Privacy is the new marketing kool aid...: [...] As bad as Apple's iPhone has been with user privacy, Google's Android has been worse. While the company recently trotted out some improvements, the harsh reality is that it is not in Google's interest to secure privacy—at least, not private data that it can otherwise use to push ads. Small wonder, then, that recent academic research from Vanderbilt professor Douglas Schmidt found that Android phones pull roughly 10x more

How to harden your macOS systems with Lynis

Macs (and iPads/iPhones) are often found in enterprises as 'Bring-your-own' devices so managing them can be a nightmare. If you are in the fortunate position of being able to mandate some form of management, here's a tool that can reduce your admin load...: Regularly checking your macOS systems for properly configured systems, apps, and services with Lynis helps administrators harden devices by minimizing their attack surface. [...] Lynis is open-source software that r

How to change the complexity of your Windows PIN

Strange...I've setup PINs on many Win 10 devices (mostly VMs for me to destroy) and didn't even realise that you could choose 4 digits. All mine are 6 or greater...: [...] Those of you who create a PIN to back up your password in Windows probably rely on a standard 4-digit number, but did you know that you can create a longer and more complex PIN? You can devise a PIN with 6, 8, 10, 12, or more digits. You can also create a PIN with letters and special characters as well as

Cybersecurity insurance: Read the fine print

...and use a specialist broker. [...] After consulting with experts, Bounds offers the following suggestions as a means to drive down perceived risk and possibly lower premiums. Those responsible in the company: Should consider buying more cybersecurity coverage when there's a heavy reliance on technology due to the lack of in-house cybersecurity expertise; May find they need less insurance coverage if appropriate cybersecurity practices are employed, and there are i