All in Tips & Best Practices
UPDATED December 16, 2021
If you are reading this, you likely have heard about Log4Shell, the December, 2021 critical zero-day remote-code execution vulnerability in the popular Log4j software library that is developed and maintained by the Apache Software Foundation. Apache has patched this vulnerability in version 2.15.0, however vendors who use this library will need to…
October is Cybersecurity Awareness Month and Breast Cancer Awareness Month. Since this is a cybersecurity blog, we will focus on cybersecurity but let’s take a moment to talk about the important topic of breast cancer.
The Colonial Pipeline ransomware attack took down the largest fuel pipeline in the United States and resulted in consumer hoarding of fuel and a short-term shortage of gasoline on the east coast of the U.S.. What could they have done to prevent this attack and what can you do today to prevent a similar attack?
It’s World Password Day!
Are your passwords strong enough?
Do you have a long, unique password for every account?
Do you use multi-factor authentication where available?
If you answered, “no” to any of these questions…
I have always considered myself pretty lucky in that I rarely receive fraudulent text messages. That luck recently ran out. Over the past few weeks I have noticed an uptick in the number of SMS phishing (smishing) messages that I receive on my phone. A few days ago, the smishing seemed to become even more frequent…
Annual cybersecurity reports are a rich resource of statistics and information for cybersecurity professionals, academics, journalists and anyone who is interested in cybersecurity. Below is a categorized list of many of these reports…
Tuesday, February 9th, 2021, marks the 18th edition of Safer Internet Day with the theme "Together for a better Internet." Safer Internet Day (SID) started as an EU SafeBorders project in 2004 and is now celebrated in approximately 170 countries worldwide. Each February…
Now that Black Friday and Cyber Monday are over, you may still be searching for some great deals. If so, you’ll hardly find a better deal than this one. Humble Bundle has teamed up with the great tech publisher, No Starch Press, to offer deeply discounted hacking e-books for as little as one dollar.
2020 has obviously been a strange and challenging year for everyone and this holiday season, shopping will be mostly online. Follow these 5 tips to better secure your holiday shopping experience.
There is no doubt that Google changed the world of the search engine and nothing made the resources of the Internet as accessible as Google. While it has over 90% of the global search engine market, some people have privacy concerns with using Google. This article provides an overview of those privacy concerns and shares some alternatives to using the search engine giant…
The challenge of protecting the privacy of people online while still providing free services and content, is a challenge that has been met with many attempted solutions. Unfortunately nothing has really worked well to date but the pressures of privacy legislation like GDPR, (Europe) LGPD (Brazil) and CCPA (California) are pushing technologists to figure out how to have each individual communicate their privacy desires to the websites that they visit. he latest attempt and solving this problem is…
Passwords continue to be one of the most hated parts of computing. Not only are they annoying to all of us who have to use them, but they also tend to be a common way that computers and online services are breached.
Here are some tips and links to previous BTH articles that will make your life easier and a lot more secure when it comes to authentication.
In late 2013, after the Adobe data breach, Australian cybersecurity expert, Troy Hunt, created the free web service, HaveIBeenPwned (HIBP), “as a free resource for anyone to quickly assess if they may have been put at risk due to an online account of theirs having been compromised or ‘pwned’ in a data breach.”
What does “pwned” mean? In this context, it basically means that…
Today starts the 17th annual Cybersecurity Awareness Month which is held every October and was created as a collaborative effort between governments and private industry to ensure that everyone has the resources they need to stay safer and more secure online. Read more…
Do you check the Between The Hacks social media accounts hourly to see if there is a new post? Are you clicking refresh on your web browser in anticipation of the next blog? If so, Between The Hacks is ready to give you back some time because with the new BTH mailing list!
This email mailing list will automatically send you an email the morning after a new BTH blog post.
Since we respect your security and privacy, all we ask for is your name and email address. And, if you don’t want to share your name, you can lie and enter a fake name (don’t lie about your email address or you won’t get any email updates).
Sign up now and don’t miss another riveting BTH post!
Cybersecurity Awareness Month starts in seven days and Between The Hacks is a Cybersecurity Awareness Month 2020 Champion. For the month of October, Between The Hacks, along with hundreds of other Champion organizations, will share and promote practices that support a safe and secure Internet experience.
In two weeks, the 2020 National Cybersecurity Awareness Month (NCSAM) will begin and Between The Hacks is a Cybersecurity Awareness Month 2020 Champion. Cybersecurity Awareness Month Champion organizations, which include companies, schools, school districts, colleges and universities, nonprofits and government entities, represent those dedicated to promoting a safer, more secure and more trusted Internet according to the National Cybersecurity Alliance.
For the month of October, Between the Hacks, along with hundreds…
About three months ago I started drafting a blog about vulnerabilities. This is a topic that I speak about frequently and is often misunderstood so I thought it would make for an easy and informative blog.
What I discovered is writing about this topic demands a lot more work than just speaking about it and this one blog has turned into many. So this week I am finally going to start a blog series on vulnerabilities where I will explain vulnerabilities at a level where the average computer user can understand the topic…
Pharming is a type of cyberattack that redirects a website’s traffic to a malicious site that appears to be the real site. Pharming is used frequently in phishing attacks to trick a victim into sharing login credentials, banking information, or other sensitive data with the attacker…
Phone scams are almost as as old as the telephone itself. In fact, most of us have likely been the target of a vishing attack but were not aware of the term, vishing. According to Proofpoint’s 2020 State of the Phish Report, only 25% of those polled were able to accurately define the term, vishing.
The term, vishing is a combination of the word voice, and the word, phishing (voice + phishing = vishing).
Vishing is a form of phishing that uses voice calls rather than email, to trick a victim into divulging personal, sensitive or confidential information to an attacker...
