Data Theft Via the Cloud: You Don’t Need Flash Drives Any More

News stories worldwide have related stories of individuals illicitly copying data from governments and private organizations. Sometimes that’s called data theft, but the term data exfiltration is more accurate. There are other exfiltration vectors, and all are threats to confidentiality. Most of the stories I have read about data exfiltration (of stored data) involve some […]
Read More ›

Leaving Your Mark: Thermal Signatures of Passwords Left on Keyboards

We leave evidence of where we’ve been and what we’ve done all over the place. From footprints to DNA, we seldom act without a trace. Our keyboards are no exception. I’m not talking just about fingerprints, DNA, food particles, or skin oils. I’m talking about heat. I saw a movie or maybe a television show […]
Read More ›

Defense in Depth: It’s for Programmers, Too!

“But, we took care of that before, didn’t we?” asked a participant in a web application security course I taught recently. It was a good, logical question. We were discussing “SQL injection” a process where an attacker enters database commands into a website field – in, say a forum or comment section – that could […]
Read More ›

Vishing: Another Way to go Phishing

If you thought there was only one kind of phishing attack, you’d be wrong. There are a handful of types and “vishing” is becoming increasingly common. To understand vishing, a definition of phishing itself is in order. Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords, and credit card details (and […]
Read More ›

When Two-factor Authentication Goes Wrong

I am a strong advocate of two-factor authentication, but when it goes wrong, you can lose access to critical systems. I have written about the benefits of two-factor authentication (2FA) here and I discuss it every time I teach Learning Tree’s System and Network Security Introduction. A recent account lockout hasn’t diminished my support for […]
Read More ›

Type to search blog.learningtree.com

Do you mean "" ?

Sorry, no results were found for your query.

Please check your spelling and try your search again.