Who supports 2FA (two-factor authentication)?
Profile: Ken Harthun
In light of the plethora of data breaches in the news, it behooves us to use two-factor authentication (2FA) where it is available. I use it for important accounts like LastPass, eBay and PayPal. Where it is offered on other financial accounts, I use it. You should, too. But how do you know who...
0 Comments
RSS Feed
Email a friend
Turn off email preview in your email client
Profile: Ken Harthun
In light of Microsoft Security Advisory 2953095, I am restating advice I first published in 2008. While this particular vulnerability may not be directly related to previewing email messages, it is still a viable attack vector. Here is what I originally called "Security Maxim...
0 Comments
RSS Feed
Email a friend
Thwart predators and social engineers with a passphrase
Profile: Ken Harthun
I don't remember exactly where I saw it or heard it, but I recall a story about an incident where a child was approached by a (potential) sexual predator. The child was told his mother wanted him home right away and -- we'll call him Mr. Friendly -- Mr. Friendly was there to pick the child up....
0 Comments
RSS Feed
Email a friend
KrebsOnSecurity hit with massive WordPress pingback attack
Profile: Ken Harthun
In a March 14, 2014 blog post, Brian Krebs revealed that his site, KrebsOnSecurity, which runs on WordPress, was hit by a DDoS attack:
On Wednesday, KrebsOnSecurity was hit with a fairly large attack...
Is your site an unwitting participant in a DDoS attack?
Profile: Ken Harthun
In a normal DDoS attack, a botnet of hundreds or thousands of computers performs a coordinated attack against a particular website. But what if you don't have access to a botnet? You trick WordPress sites into sending unwanted traffic to the site. Here's how, according to a 0 Comments
RSS Feed
Email a friend
PWN2OWN cracks Reader, IE, Flash, Firefox and Chrome, but not Java
Profile: Ken Harthun
iOS 7.1 released to patch bugs and fix the White Screen of Death
Profile: Ken Harthun
On Monday, Apple released iOS 7.1 for iPad and iPhone and recommended that users update as soon as possible. The update comes just a few weeks after Apple released an emergency update for iOS that fixed a critical security hole that could have allowed hackers to intercept secure communications...
0 Comments
RSS Feed
Email a friend
