Security Corner:

Security best practice


March 30, 2014  4:12 PM

Who supports 2FA (two-factor authentication)?



Posted by: Ken Harthun
Password, Secure Computing, Security, Security best practice, Security management, Two-factor authentication

In light of the plethora of data breaches in the news, it behooves us to use two-factor authentication (2FA) where it is available. I use it for important accounts like LastPass, eBay and PayPal. Where it is offered on other financial accounts, I use it. You should, too. But how do you know who...

March 29, 2014  9:58 PM

Turn off email preview in your email client



Posted by: Ken Harthun
Secure Computing, Security, Security best practice

In light of Microsoft Security Advisory 2953095, I am restating advice I first published in 2008. While this particular vulnerability may not be directly related to previewing email messages, it is still a viable attack vector. Here is what I originally called "Security Maxim...


March 29, 2014  9:36 PM

Oh no! Not another password post!



Posted by: Ken Harthun
Password, Secure Computing, Security, Security best practice, Security management

bad-passwords

Bookmark and Share     0 Comments     RSS Feed     Email a friend


March 26, 2014  1:55 AM

Thwart predators and social engineers with a passphrase



Posted by: Ken Harthun
Cybercrime, Password, Secure Computing, Security, Security best practice, Security management

I don't remember exactly where I saw it or heard it, but I recall a story about an incident where a child was approached by a (potential) sexual predator.  The child was told his mother wanted him home right away and -- we'll call him Mr. Friendly -- Mr. Friendly was there to pick the child up....


March 15, 2014  4:21 PM

Is your site an unwitting participant in a DDoS attack?



Posted by: Ken Harthun
Denial of Service, Pingback XML-RPC, Security, Security best practice, Vulnerabilities

In a normal DDoS attack, a botnet of hundreds or thousands of computers performs a coordinated attack against a particular website. But what if you don't have access to a botnet? You trick WordPress sites into sending unwanted traffic to the site. Here's how, according to a


February 28, 2014  10:21 PM

Two factor authentication becoming a necessity



Posted by: Ken Harthun
Secure Computing, Security, Security best practice, Security management, Two-factor authentication

With the password's fading usefulness, we have to seriously consider two-factor authentication as the minimum level of security for any site dealing with sensitive information. I have been using the PayPal "football" for years as a second factor on both PayPal and eBay. I've implemented Yubikey...


February 27, 2014  2:33 AM

Mac OS X 10.9.2 released to fix critical SSL security hole



Posted by: Ken Harthun
Mac, OS X, Secure Computing, Security, Security best practice

They promised "as soon as possible" and they delivered. Here are the details straight from the OS X App Store.

Bookmark and Share     0 Comments     RSS Feed     Email a friend


February 27, 2014  2:12 AM

Why passwords alone are no longer sufficient security



Posted by: Ken Harthun
Credit Card Fraud, data security, Security, Security best practice, Security management

We have all see this coming for a long time; in fact, I'm surprised it has taken this long to become obvious that passwords are no longer sufficient security. Sure, they're OK for things that really don't matter like news sites and entertainment sites -- any site that doesn't store sensitive...


January 20, 2014  8:53 PM

How to stay (relatively) secure with XP at the end of support – Part 2



Posted by: Ken Harthun
Secure Computing, Security, Security best practice

In How to stay (relatively) secure with XP at the...

Bookmark and Share     0 Comments     RSS Feed     Email a friend


January 20, 2014  8:08 PM

Anti-malware protection for Windows XP extended to July, 2015



Posted by: Ken Harthun
Malware, Secure Computing, Security, Security best practice, Vulnerabilities

mse

Bookmark and Share     1 Comment     RSS Feed     Email a friend


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: