Year: 2018

The U.S. National Institute of Standards and Technology (NIST) has just released version 1.1 of its Cybersecurity Framework. President Obama commissioned the first draft of this sprawling document in 2013 to standardize how government agencies approached cybersecurity. But it’s not just the U.S. government who can benefit from it. Version 1.1 of the Cybersecurity Framework…

Imagine if the next time you sent a birthday card to a friend, somebody else opened it first. In this scenario, the crook was looking for any cash you might have included in the card before forwarding it on to its rightful owner. This is precisely the concept of a Man-in-the-Middle (MiTM) attack. First documented…

In recent years, massive data breaches have become regular news items – and for a good reason. During these attacks, millions of credentials are leaked and made available to malicious actors. With them, hackers have free reign to attack other sites in the hope of gaining access to user accounts. But there is another, considerable…

Facebook CEO Mark Zuckerberg has been in the news for all the wrong reasons lately. And his timing couldn’t be worse. As GDPR comes into full effect, the Facebook boss has been busy explaining how data firm Cambridge Analytica appropriated information on over 80 million potential voters in the U.S. But as big as this…

What would you do if a message like this appeared on your computer screen? “Your computer has been compromised. To unlock it, you must pay $1,000 within 24 hours. If you do not send the money within the allotted time, all of your files will be encrypted – permanently”. Every day, thousands of people receive…

This year, World Password Day falls on May 3. An initiative devised to make you think about how well you secure your accounts; this annual event started in 2013. It may not be the most alluring celebration, but the organizers of World Password Day are on a mission. So, there’s no time like the present…

Cybercriminals steal user credentials in several ways. With this lucrative user data, hackers steal funds, confidential information, and even identities. In many cases, hackers acquire sets of credentials leaked during massive data breaches from the Dark Web, but more targeted attacks are common too. Some cybercriminals harvest credentials from individuals using keyloggers. Experts believe that…

The hackers that breached the Democratic National Committee and Hillary Clinton’s presidential campaign used targeted phishing. And the next victim of an attack like this could be you. In targeted phishing attacks, cybercriminals send tailored emails to specific users to try and lure them into clicking on malicious links or attachments containing malware. As soon…

It started out as a reliable way to protect websites from the blight of automated bots. But the Completely Automated Public Turing test to tell Computers and Humans Apart, or CAPTCHA, may have met its match. Recent developments in AI software have proven very successful in beating many manifestations of this widely-used test. In many…

A common dictionary attack uses a list of words to guess the passwords for user accounts. It’s a simple tactic to understand, but much harder to mitigate. It all stems back to bad password choices The Oxford English Dictionary defines a dictionary attack as “an attempt to gain illicit access to a computer system by…