Security Corner:

March, 2014

1

March 30, 2014  4:12 PM

Who supports 2FA (two-factor authentication)?

Ken Harthun Ken Harthun Profile: Ken Harthun

In light of the plethora of data breaches in the news, it behooves us to use two-factor authentication (2FA) where it is available. I use it for important accounts like LastPass, eBay and PayPal. Where it is offered on other financial accounts, I use it. You should, too. But how do you know who...

March 29, 2014  9:58 PM

Turn off email preview in your email client

Ken Harthun Ken Harthun Profile: Ken Harthun

In light of Microsoft Security Advisory 2953095, I am restating advice I first published in 2008. While this particular vulnerability may not be directly related to previewing email messages, it is still a viable attack vector. Here is what I originally called "Security Maxim...


March 29, 2014  9:36 PM

Oh no! Not another password post!

Ken Harthun Ken Harthun Profile: Ken Harthun

bad-passwords Bookmark and Share     0 Comments     RSS Feed     Email a friend


March 26, 2014  1:55 AM

Thwart predators and social engineers with a passphrase

Ken Harthun Ken Harthun Profile: Ken Harthun

I don't remember exactly where I saw it or heard it, but I recall a story about an incident where a child was approached by a (potential) sexual predator.  The child was told his mother wanted him home right away and -- we'll call him Mr. Friendly -- Mr. Friendly was there to pick the child up....


March 17, 2014  2:49 AM

KrebsOnSecurity hit with massive WordPress pingback attack

Ken Harthun Ken Harthun Profile: Ken Harthun

In a March 14, 2014 blog post, Brian Krebs revealed that his site, KrebsOnSecurity, which runs on WordPress, was hit by a DDoS attack:

On Wednesday, KrebsOnSecurity was hit with a fairly large attack...


March 15, 2014  4:21 PM

Is your site an unwitting participant in a DDoS attack?

Ken Harthun Ken Harthun Profile: Ken Harthun

In a normal DDoS attack, a botnet of hundreds or thousands of computers performs a coordinated attack against a particular website. But what if you don't have access to a botnet? You trick WordPress sites into sending unwanted traffic to the site. Here's how, according to a


March 15, 2014  2:37 PM

PWN2OWN cracks Reader, IE, Flash, Firefox and Chrome, but not Java

Ken Harthun Ken Harthun Profile: Ken Harthun

laptopthief Bookmark and Share     0 Comments     RSS Feed     Email a friend


March 13, 2014  12:56 AM

iOS 7.1 released to patch bugs and fix the White Screen of Death

Ken Harthun Ken Harthun Profile: Ken Harthun

On Monday, Apple released iOS 7.1 for iPad and iPhone and recommended that users update as soon as possible. The update comes just a few weeks after Apple released an emergency update for iOS that fixed a critical security hole that could have allowed hackers to intercept secure communications...


1

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: