Two-Factor Authentication


  Authentication founded on at least two of the three types: something a user knows, is or has. To gain access into a system the user must be able to exhibit both factors.

Read More’s Friday Security Roundup – June 19, 2015’s Friday Security Roundup – June 19, 2015 Happy birthday to Blaise Pascal and the FCC! This week’s Security Roundup tips its hat to the French mathematics pioneer and inventor who helped define what would later evolve into the scientific method, developed an early mechanical calculator and (as a side project) invented roulette. Today’s Federal Communications […]

Read More’s Friday Security Roundup – May 29, 2015


    Happy birthday Peter Higgs and the Rite of Spring! This weeks’ Friday Security Roundup salutes the theoretical physicist who won the Nobel prize for working out a well-regarded mechanism for how the universe works (and lent his name to “the most sought-after particle in modern physics”) and also Igor Stravinsky’s ballet, which famously caused quite the […]

Read More’s Friday Security Roundup – May 15, 2015


    It’s May 15th – which as you no doubt already know is both the 45th anniversary of the selection of the first two female generals in the U. S. Army and the 94th anniversary of the Winnipeg General Strike. (Both of these historical turning points should be taught in schools – if only […]

Read More

FREAK Frenzy: Router Manufacturer Re-uses Weak RSA Key 28,394 Times


  Gobs of Routers Found to Be Vulnerable to FREAK Attack Leave it to the Brits. Some researchers from Royal Holloway of the University of London were curious about how many devices they could find on the internet that were still vulnerable to a FREAK attack. The short answer: quite a lot – and they reported […]

Read More

FREAK Show Time Machine: Apple and Android SSL Open to Snoopers?


  Yeah, the Hot Tub Time Machine movies weren’t as good as they could have been for some reason, but we’re going to be hopping in today. The recent announcement about OpenSSL, iOS and OS X tricked into using weak 1990s-grade encryption keys (h/t to El Reg) had us wondering if those in charge of […]

Read More

Superfish Adware: Uh Oh, Lenovo


  Uh oh, Lenovo. As we learned from Moonpig recently, when something is wrong, you do not want to wait to take care of the problem. In the case of Superfish adware on some Lenovo computers, we have a company that denied the adware was all that bad at first before finally taking action. We’re going to […]

Read More

SSL Best Practices: a Quick and Dirty Guide


  TLS/SSL is super simple to install and deploy on your server, but it’s still nice to see a list of SSL best practices, which is why we’ve put together this page. If you do not set it up correctly, you’re not going to protect your data and may run into problems. This is another reason it’s […]

Read More

New Security Technologies You Need to Know About


  Technology is evolving at an ever quickening pace, and it’s important to stay as up to date as possible when it comes to information security technologies. We’ve put together a list of five different things you should have on your radar. While you may have heard of some of these before, we may have one […]

Read More

How the Sony Hack Affects You


  Just to be clear, we’re talking about the big Sony hack in late November 2014, which involved massive data breeches, Hollywood stars, racy pictures and lots of money – NOT the massive Denial of Service attack Sony’s online gaming service suffered over Christmas. (Just to bring that story up to date: the hacker gang Lizard […]

Read More