Posted in authentication deep thoughts online security risk useful stuff

galaxy s5 fingerprint authentication and lastpass

Interesting blog post from Graham Cluley on LastPass’ support for using the Galaxy S5’s fingerprint reader as the key to…

Posted in authentication best practices

a new, saner approach to password policies

In this article over at Ars Technica, we get the scoop on Standford University’s new password policies which vary the…

Posted in best practices hacks online security

heartbleed attack on ssl vpns

Heartbleed strikes again… according to respected security consulting firm Mandiant, one of its corporate customers’ SSL VPN appliances was compromised…

Posted in risk systemic risk worst practices

how not to do a risk assessment

So, the risk management mavens for the City of Portland, Oregon have provided us all with an object lesson in…

Posted in hacks online security

surprise heartbleed headache for Google Chrome users

If you are using Google Chrome to surf the series of tubes we professionals cal the Interwebs, you need to…

Posted in hacks online security

not vulnerable to Heartbleed? not so fast…

Think your sites are safe from Heartbleed related sploits?  Not so fast, sunshine… According to one pen tester, many of…

Posted in hacks online security

let the games begin

Aaaand we now have our first confirmed breach of data tied to Heartbleed – the Canadian Revenue Authority has reported…

Posted in authentication hacks online security worst practices

heartbleed forecast: continued heartburn

It seems like Heartbleed is going to be keeping  infosec people busy  for a while. First, multiple people have succeeded…

Posted in awareness best practices CSO

Keep your users informed with SANS’ OUCH! newsletter

  SANS recently published the latest edition of their “OUCH!” security newsletter for end users – this month’s topic is…