Security

Categories :
Hackers using “push  bombing” to bypass your MFA/2FA

Hackers using “push bombing” to bypass your MFA/2FA

Multifactor authentication (MFA) is the gold standard in offices around the world and 2FA is the standard for end users. We all know the drill: you use your username (often your email address) and, perhaps, as the password, the name of your first dog and your kids DOB. Not very foolproof, and not recommended, but often the end user isn’t too worried. In their mind, they know that if the hacker does figure out their crappy password using various tools or techniques, they still must find their...

read more
What is the difference between 2FA and MFA ?

What is the difference between 2FA and MFA ?

Cybersecurity is a complex topic and if you are the average layperson, you likely have found yourself asking "What is the difference between 2FA and MFA ". In simple terms, Two-Factor Authentication (2FA) requires users to demonstrate exactly two distinct methods of authentication, whereas Multi-Factor Authentication (MFA) requires users to demonstrate a MINIMUM of two distinct methods of authentication but can be more. So, all 2FA is MFA, but not all MFA is 2FA. If you are new to the world of...

read more
New Android malware bypasses multi-factor authentication to steal your passwords

New Android malware bypasses multi-factor authentication to steal your passwords

Cybersecurity researchers uncover MaliBot, a powerful new Android malware that steals passwords, bank details and cryptocurrency wallets from users. Besides being able to siphon passwords and cookies of the victim's Google account, the malware is designed to swipe your 2-factor authentication codes from the Google Authenticator app as well as exfiltrate sensitive information such as total balances and seed phrases from Binance and Trust Wallet apps. The malware has been detailed...

read more
Your browser stores passwords and sensitive data in plain text

Your browser stores passwords and sensitive data in plain text

Lots of people use their browser to save their passwords, but most browsers store your sensitive data, including usernames, passwords and session cookies in plain text (not encrypted). Most Chromium-based web browsers are affected, including Google Chrome and Microsoft Edge. A quick test on other browsers such as Brave and Mozilla's Firefox conforms that these browsers also storing this data insecurely in plain text as well. Physical access to your machine is not required, as remote access or...

read more
Cryptocurrency Investment Fraud Advice

Cryptocurrency Investment Fraud Advice

I have always taught my kids about scams, online safety and security since an early age, yet despite my efforts, one of my sons still managed to get scammed by one of these scumbag fraudsters recently, emptying his bank account. As any parent will know, kids generally refuse to listen to any advise their parents give them, so I am hoping this is a painful lesson learnt and he will heed my advice in the future. In the meantime I thought I would share some advice with the rest of my readers,...

read more
Are you aware of company fraud? As a business owner, you really should be

Are you aware of company fraud? As a business owner, you really should be

Did you know that company directors are twice as likely to be victims of ID fraud than anyone else. It’s easy to see why when you consider just how easy it is for someone to commit fraud against your company. Companies House, the UK’s registrar of companies, will happily accept documents submitted via post ‘on good faith’. This means any person can simply complete a form with a fake signature and make changes to your business without your consent or knowledge. This includes:- Change your...

read more
10 Best Practices for Business Email Security for 2022

10 Best Practices for Business Email Security for 2022

Email is a leading communication tool for businesses around the world. It’s widely used for both internal and external collaboration. Nevertheless, it’s not innately secure, and is email spoofing is commonly used by cybercriminals.  Email spoofing is the creation of email messages with a forged sender address. Criminals will use this technique to send emails purporting to be from YOUR domain. Cybercriminals actively use email channels to distribute malware, spread...

read more
Improve your Google Chrome security (it’s not secure by default)

Improve your Google Chrome security (it’s not secure by default)

Google Chrome is about as common in office spaces as a water cooler or a coffee maker. Chrome is also becoming king elsewhere, unless the systems are Macs, and Safari is the browser of choice. With its minimalist, crisp interface and Google brand, most people are quickly satisfied. Even MSPs, with too many other things to handle and not enough people to handle them, can also be sometimes lulled into Chrome complacency. Google is great for its ease of use, but that also makes things easier for...

read more
How your kids are bypassing parental controls

How your kids are bypassing parental controls

With 4 kids, 3 of which are teenagers, I have been dealing with parental controls for quite a few years now and I can tell you it is a neverending job and it is hard work. Even as an IT person I have struggled to keep on top of it and my kids have managed to get round my security on several occasions. There are all sorts of potential dangers online, from cyber-scammers to stalkers and grooming gangs. But all your average teen sees is loads of funny videos, endless Buzzfeed quizzes and...

read more
hire me on peopleperhour

Categories