Cyber Security Articles & News

Yes, Google’s Security Key Is Hackable

Here is an article by Roger Grimes, Data-Driven Defense Evangelist at KnowBe4

Ever since Google told the world that none of its 85,000 employees had been successfully hacked (https://krebsonsecurity.com/2018/07/google-security-keys-neutralized-employee-phishing/) since they started implementing Security Keys, like Yubico’s YubiKey (https://www.yubico.com/products/yubikey-hardware/), I’ve been contacted by friends and the media about my thoughts.

Read More >
Lack of Security Awareness Training Allowed Russians to Hack American Election

KnowBe4, provider of the world's largest security awareness training and simulated phishing platform, analyzed the official indictment of the Russian GRU officers charged with interfering in the 2016 U.S. presidential election.

Read More »
Phishing Attack Bypasses Two-Factor Authentication

Hacker Kevin Mitnick demonstrates a phishing attack designed to abuse multi-factor authentication and take over targets' accounts.

Businesses and consumers around the world are encouraged to adopt two-factor authentication as a means of strengthening login security. But 2FA isn't ironclad: attackers are finding ways to circumvent the common best practice. In this case, they use social engineering.

Read More »
EVENT REVIEW: Password Rules Suck, Says The Guy Who Created Them

Uppercase, lowercase, number, symbol - it's the mantra repeated over and over by IT admins when they set password rules. Throw in the requirement to change those passwords every 30 days or so, and not repeat an old password or even have characters in the same place over some arbitrary cycle and you suddenly have a complex set of rules that makes life really hard for users. And the guy who penned many of these rules, Bill Burr from NIST, says he screwed up.

Read More »
The ATO’s top 10 digital security tips

Here are some tips from the ATO to help business owners maintain the most digitally secure business they possibly can.

Read More »