Cybercriminals want your cloud services accounts, CISA warns
CISA has issued a warning about several recent successful cyberattacks against various organizations’ cloud services
A week in security (December 14 – December 20)
A roundup of cybersecurity news from December 14 – 20, including SolarWinds, smart toys, Egregor, and many other topics.
VideoBytes: Brute force attacks increase due to more open RDP ports
The number of RDP ports exposed to the Internet grew from about three million in January 2020 to over four and a half million in March. So how do you protect yourself?
Brute force attacks increase due to more open RDP ports
More open ports are inviting attackers to try and gain entry by using brute force attacks. Why is this happening and what can we do?
The passwordless present: Will biometrics replace passwords forever?
The effectiveness of passwords to protect data has long been debated. Many have called for the death of passwords, instead pushing for biometrics to secure their most precious information. But is biometrics really a better, safer option?
Threat spotlight: Phobos ransomware lives up to its name
Phobos, which many believe was named after the Greek god of fear, isn’t as widespread as it was before nor is it more novel than your average ransomware. Yet, it remains a threat to consumers and businesses alike. We dive into Phobos ransomware and show users how to face their fears and protect against it.
Are hackers gonna hack anymore? Not if we keep reusing passwords
A look at the not-so-hacking hacker techniques attackers are using to compromise user accounts via weak passwords and gain access to enterprise networks.
Simple Authentication and Security Layer (SASL) vulnerabilities
The Simple Authentication and Security Layer (SASL) is an essential element of online authentication. But are you aware of all the known vulnerabilities? And, more importantly, have you patched them?
Is two-factor authentication (2FA) as secure as it seems?
Two factor authentication (2fa) was introduced to enhance login security, but does it always work as advertised? Or can it be bypassed?