Microsoft is urging users to abandon telephone-based multi-factor authentication (MFA) solutions like one-time codes sent via SMS and voice calls and instead replace them with newer MFA technologies, like app-based authenticators and security keys. The warning comes from Alex Weinert, Director of Identity Security at Microsoft. For the past year, Weinert has been advocating on Microsoft’sContinue reading “Microsoft urges users to stop using phone-based multi-factor authentication”
You can lock down your meetings like never before – even if you have to give up a few features to do so.
Google disclosed a zero-day vulnerability in Windows 10 last month, and it’s currently being used in the wild. The security flaw, filed as CVE-2020-17087, puts both Windows 10 and Windows 7 at risk. Google gave Microsoft the standard 7-day notice to patch the issue, but a week has come and gone with no solution. As aContinue reading “Windows 10 security flaw is under active attack – what you need to know”
In 10 years, cybersecurity as we know it will no longer exist, according to Cloudflare cofounder and COO Michelle Zatlyn, who spoke at Business Insider’s inaugural roundtable conversation featuring five Enterprise Tech Transformers. “I have a point of view that cybersecurity is going to be a thing of the past the next decade because IContinue reading “Cybersecurity as we know it will be ‘a thing of the past in the next decade,’ says Cloudflare’s COO, as security moves towards a ‘water treatment’ model”
Over the six-month period from March to August 2020, over 925,000 malicious emails managed to bypass Office 365 defenses and well-known secure email gateways (SEGs), an Area 1 Security study reveals.
Back in the day, all this was tape, but times have changed, with cloud-to-cloud backup, cloud storage, virtual and physical backup appliances and myriad endpoint hardware Backup has changed almost beyond recognition in the past decade or so. Traditional backup, to tape that was moved offsite with a secondary site to operate from in case of disaster,Continue reading “Five ways that backup has changed since the days of tape”
Mozilla is pressing ahead with its controversial DNS-over-HTTPS (DoH) feature that many across the United States and the United Kingdom have lobbied against. The update will add an additional layer of encryption to your internet traffic and makes it more difficult for ISPs to snoop on your browsing data. Whenever you punch in a webContinue reading “Mozilla Firefox’s new feature will make it harder for ISPs to spy on you”
A ransomware attack on a US natural gas facility meant a pipeline had to be shut down for two days, the US Department of Homeland Security (DHS) has said. However, it did not name the facility or say when the attack happened. A malicious link sent to staff at the facility eventually caused the shutdownContinue reading “Ransomware-hit US gas pipeline shut for two days”
Trying to steal your username and password is so “yesterday.” The 2020 Hacker is now leveraging Office 365 OAuth APIs to gain control over user mailboxes with phishing tactics. The usefulness of a captured Office 365 user logon to an attacker is only valuable until the logon’s owner realizes they’ve been compromised, and their password is changed.Continue reading “New Office 365 Phishing Attack Targets OAuth Apps Instead of Credentials”
Smaller companies have higher breach-related, per-employee costs than larger organizations. An annual IBM security breach study released today (July 23, 2019) reveals that the cost of a data breach has risen 12% over the past five years and now costs $3.92 million on average. These rising expenses are representative of the multiyear financial impact of breaches, increased regulation and theContinue reading “Research Security Tech IBM Study: Data Breaches a Growing Risk for Small Business | 2019”