Reusing passwords or using the same password all over the place is like carrying one key that unlocks your house, your car, your office, your briefcase, and your safety deposit box. If you reuse passwords for more than one computer, account, website, or other secure system, keep in mind that all of those computers, accounts, websites and secure systems will be only as secure as the least secure system on which you have used that password. Don't enter your password on untrusted systems. One lost key could let a thief unlock all the doors. Remember: Change your passwords on a schedule to keep them fresh.
The Senate Intelligence Committee will vote Tuesday on a bill that would allow companies to share information about digital threats, but the legislation faces potential roadblocks over concerns it could boost surveillance efforts and endanger net neutrality. Additional information can be found here.
It's inevitable that at some point at a college or university a request for sensitive data will be made to the owning department for a research project, a cross departmental project, or even a report to upper management. All of these scenarios are common and acceptable requests, however, the method used to transmit or share the requested confidential data is critical to the safety and security of that data. Here is an example of using an incorrect transmission method and the repercussions that followed.
- Approval of the data owning department is given (preferably in writing).
- A secure, encrypted transmission method is setup to send and receive the data.
- Communication! If you're unsure transmitting this data is appropriate or safe contact your security team.
Email phishing continues to increase and the attackers are constantly looking for better ways to trick you. Phishers have their sites focused on PayPal now more than ever. Read this SC Magazine article summarizing "The Internet Threats Trend Report April 2014" to learn more.
You know that little padlock icon you look for to ensure your Web traffic is encrypted and secure? It turns out that you might not be as secure as you think thanks to a vulnerability that was accidentally introduced into the code of OpenSSL.
Apple rushed to release iOS 7.0.6 on Friday and OS X 10.9.2 today with patches for a shockingly overlooked SSL encryption issue that leaves iPhone, iPad and Mac computer users open to a man-in-the-middle (MITM) attack. All users of iOS 7 and Mac OS X Mavericks (10.9) should download and apply these patches. The vulnerability is not present in versions of OS X prior to OS X 10.9 Mavericks or iOS prior to iOS 6.