Spam In your Calendar? Here’s What to Do.

Credit to Author: BrianKrebs| Date: Tue, 03 Sep 2019 18:56:07 +0000

Many spam trends are cyclical: Spammers tend to switch tactics when one method of hijacking your time and attention stops working. But periodically they circle back to old tricks, and few spam trends are as perennial as calendar spam, in which invitations to click on dodgy links show up unbidden in your digital calendar application from Apple, Google and Microsoft. Here’s a brief primer on what you can do about it.

Read more

What You Should Know About the Equifax Data Breach Settlement

Credit to Author: BrianKrebs| Date: Mon, 22 Jul 2019 19:27:11 +0000

Big-three credit bureau Equifax has reportedly agreed to pay at least $650 million to settle lawsuits stemming from a 2017 breach that let intruders steal personal and financial data on roughly 148 million Americans. Here’s a brief primer that attempts to break down what this settlement means for you, and what it says about the value of your identity.

Read more

Caution: Misuse of security tools can turn against you

Credit to Author: Vasilios Hioureas| Date: Thu, 11 Jul 2019 17:34:57 +0000

If not implemented correctly, the very security tools we use to keep our information private may actually cause data leaks themselves. We outline a few cases and provide suggestions for researchers and security admins.

Categories:

Tags:

(Read more…)

The post Caution: Misuse of security tools can turn against you appeared first on Malwarebytes Labs.

Read more

Microsoft to Require Multi-Factor Authentication for Cloud Solution Providers

Credit to Author: BrianKrebs| Date: Fri, 28 Jun 2019 18:01:53 +0000

It might be difficult to fathom how this isn’t already mandatory, but Microsoft Corp. says it will soon force all Cloud Solution Providers (CSPs) that help companies manage their Microsoft Azure and Office365 accounts to use multi-factor authentication. The move comes amid a noticeable uptick in phishing and malware attacks targeting CSP employees and contractors.

Read more

Android 7.0+ Phones Can Now Double as Google Security Keys

Credit to Author: BrianKrebs| Date: Thu, 11 Apr 2019 16:14:53 +0000

Google this week made it easier for Android users to enable strong 2-factor authentication (2FA) when logging into Google’s various services. The company announced that all phones running Android 7.0 and higher can now be used as Security Keys, an additional authentication layer that helps thwart phishing sites and password theft.

Read more

Why Phone Numbers Stink As Identity Proof

Credit to Author: BrianKrebs| Date: Sun, 17 Mar 2019 23:25:06 +0000

Phone numbers stink for security and authentication. They stink because most of us have so much invested in these digits that they’ve become de facto identities. At the same time, when you lose control over a phone number — maybe it’s hijacked by fraudsters, you got separated or divorced, or you were way late on your phone bill payments — whoever inherits that number can then be you in a lot of places online.

Read more

MyEquifax.com Bypasses Credit Freeze PIN

Credit to Author: BrianKrebs| Date: Fri, 08 Mar 2019 16:12:38 +0000

Most people who have frozen their credit files with Equifax have been issued a numeric Personal Identification Number (PIN) which is supposed to be required before a freeze can be lifted or thawed. Unfortunately, if you don’t already have an account at the credit bureau’s new myEquifax portal, it may be simple for identity thieves to lift an existing credit freeze at Equifax and bypass the PIN armed with little more than your, name, Social Security number and birthday.

Read more

What the Marriott Breach Says About Security

Credit to Author: BrianKrebs| Date: Sat, 01 Dec 2018 21:16:13 +0000

We don’t yet know the root cause(s) that forced Marriott this week to disclose a four-year-long breach involving the personal and financial information of 500 million guests of its Starwood hotel properties. But anytime we see such a colossal intrusion go undetected for so long, the ultimate cause is usually a failure to adopt the most important principle in cybersecurity defense that applies to both corporations and consumers: Assume you are compromised.

Read more

How to Shop Online Like a Security Pro

Credit to Author: BrianKrebs| Date: Fri, 23 Nov 2018 23:24:06 +0000

‘Tis the season when even those who know a thing or two about Internet scams tend to let down their guard in the face of an eye-popping discount or the stress of last-minute holiday shopping. So here’s a quick refresher course on how to make it through the next few weeks without getting snookered online.

Read more

Patch Tuesday, November 2018 Edition

Credit to Author: BrianKrebs| Date: Wed, 14 Nov 2018 13:25:13 +0000

Microsoft on Tuesday released 16 software updates to fix more than 60 security holes in various flavors of Windows and other Microsoft products. Adobe’s also got security patches available for Flash, Acrobat and Adobe Reader users. 

Read more