Subterms
Image: Getty/Erikona Highly skilled cyber attackers are using a never-before-seen technique to stealthily infect victims with malware by abusing legitimate tools. The campaign has been detailed by cybersecurity researchers at Symantec, who say that the attackers can spend more than 18 months inside the networks of victims, all while taking steps to ensure their activity […] More
Getty Images If there’s one profession that continues to dominate demand in tech hiring, it’s cybersecurity. Demand for cybersecurity staff has skyrocketed since ‘remote work’ entered the lexicon and businesses doubled down on their digital assets as a means of insuring them against future uncertainty. While the post-pandemic tech boom has been a blessing for […] More
We all need a supervisor. 1Password/Screenshot by Min Shin/ZDNET I’d ask you how you manage your passwords, but it feels like an excessively personal question. more Technically Incorrect I’ve heard so many different ways that people choose — or don’t — to keep their passwords secure. One friend, for example, uses the same password for […] More
Image: Getty Images/MoMo Productions Microsoft has rolled out ‘number matching’ in push notifications for its multi-factor authentication (MFA) app Microsoft Authenticator. The new advanced feature is generally available in Microsoft Authenticator and should help counter attacks on MFA that rely on push notification spam. More Microsoft Researchers earlier this year spotted so-called ‘MFA fatigue attacks’ […] More
Image: M-A-U / Getty Images Microsoft is warning that the relatively new Raspberry Robin USB drive worm has triggered payload alerts on nearly 3,000 devices in almost 1,000 organizations in the past 30 days. Raspberry Robin malware has previously been seen installed with FakeUpdates malware, which has been linked to the Russian cyber-crime group EvilCorp. […] More
Everyone depends on OpenSSL. You may not know it, but OpenSSL is what makes it possible to use secure Transport Layer Security (TLS) on Linux, Unix, Windows, and many other operating systems. It’s also what is used to lock down pretty much every secure communications and networking application and device out there. So we should […] More
Pros Good price FIDO2 and FIDO U2F support Cons Some setup required No NFC or biometric optionsMany devices now use biometrics to let you log in without the inconvenience of remembering and typing a password: it’s more secure, but it usually adds a little to the price of the device. If you use any devices that don’t have Windows Hello, Face ID or a fingerprint sensor then you must have a password on your account anyway. If you want to use two-factor authentication (2FA) or even go full passwordless but you still have older devices with no biometric hardware (or you prefer not to use biometrics), a FIDO2 hardware key will let you use the same cross-platform authentication that’s built into Windows, MacOS, iOS, Android, ChromeOS, Linux (although you may need to do a little more setup) and an increasing number of online services like Microsoft 365, Azure AD, Google Drive and more. More
Image: Getty/Manuel Breva Colmeiro One of the most popular security vulnerabilities among cyber criminals during the past few months is a software flaw in Microsoft Office that’s over five years old – and it continues to be exploited because, despite a longstanding available security update, many businesses still haven’t applied it. According to analysis by […] More
