What's Your IT Question?

Want to know more about this topic or about us? Contact us!

All posts in Web Security

‘Scheme Flooding’ Allows Websites to Track Users Across Browsers

A flaw that allows browsers to enumerate applications on a machine threatens cross-browser anonymity in Chrome, Firefox, Microsoft Edge, Safari and even Tor. A security researcher has discovered a vulnerability that allows websites to track users across a number of different desktop browsers — including Apple Safari, Google Chrome, Microsoft Edge, Mozilla . . . Read more

Verizon: Pandemic Ushers in ⅓ More Cyber-Misery

The DBRI – Verizon’s 2021 data breach report – shows spikes in sophisticated phishing, financially motivated cyberattacks and a criminal focus on web-application servers. Thanks for just showing up, said the team that cranked out the Verizon 2021 Data Breach Investigations Report (DBIR). It’s quite the accomplishment that we all . . . Read more

Ransomware Going for $4K on the Cyber-Underground

An analysis of three popular forums used by ransomware operators reveals a complex ecosystem with many partnerships. In the cybercriminal underground, ransomware samples and builders are going for anywhere between $300 to $4,000, with ransomware-as-a-service rentals costing $120 to $1,900 per year. That’s according to an analysis by Kaspersky of . . . Read more

Beyond MFA: Rethinking the Authentication Key

Tony Lauro, director of security technology and strategy at Akamai, discusses hardware security dongles and using phones to act as surrogates for them. You have to hand it to the cyber-thieves: They have proven extremely adept at defeating security measures once thought reliable. Case in point: multifactor authentication (MFA). While . . . Read more

Apple’s ‘Find My’ Network Exploited via Bluetooth

The ‘Send My’ exploit can use Apple’s locator service to collect and send information from nearby devices for later upload to iCloud servers. Apple’s “Find My device” function for helping people track their iOS and macOS devices can be exploited to transfer data to and from random passing devices without using . . . Read more

Five Critical Password Security Rules Your Employees Are Ignoring

According to Keeper Security’s Workplace Password Malpractice Report, many remote workers aren’t following best practices for password security. Password security was a problem even before the advent of widespread remote work. So, what happened post-pandemic? Keeper Security’s Workplace Password Malpractice Report sought to find out. In February 2021, Keeper surveyed . . . Read more