When Two-factor Authentication Goes Wrong
I am a strong advocate of two-factor authentication, but when it goes wrong, you can lose access to critical systems. I have written about the benefits of two-factor authentication (2FA) here and I discuss it every time I teach Learning Tree’s System and Network Security Introduction. A recent account lockout hasn’t diminished my support for […]
No More Signatures! Am I Still Safe?
If you have used a credit card in North America in the last month, you may have noticed that you were not asked for a signature. That may have come as a surprise. It turns out to be a good thing! In a March 2018 Infographic, Visa says that that the dollar amount of counterfeit […]
How Password Spraying Could be an Attack Vector Into Your Organization
There are two common ways the bad guys might try to break into a building: spend lots of effort on one door or window, or try each door and window to see if one is easier to enter than the others. The same is true for attackers trying to compromise systems and networks (and penetration […]
What is a Stingray And How Does It Impact Me?
According to news reports from outlets including IDG’s CSO, the US Department of Homeland Security said in early April of this year that there are unauthorized “stingrays” in the Washington, DC areas and in “other cities.” To be perfectly honest, I cannot find the term stingray in the documents I read, and “StingRay” is a […]
Should I Become a Certified Ethical Hacker?
Maybe you’ve heard a little about the Certified Ethical Hacker or CEH exam. You probably have some questions: What is a certified ethical hacker? How does a CEH fit into an IT organization? How do you get certified? What knowledge and skills are crucial to success? How does CEH relate to other cybersecurity certifications? Let’s […]