security

  1. What is Multifactor Authentication, and Why is it Important?

    Multifactor authentication, also known as MFA, two-factor authentication, 2FA, two-step verification, or dual-factor authentication, is a security protocol that requires more than one type of security action to ensure one has the proper access to a website, tool, account, etc. Using a dual-factor approach is one of the most effective approaches to protecting what is yours.

    Today’s businesses are frequently trolled, and attempts are made to breach our online resources. In fact, according to duo.com, ‘more than 80% of hacking breaches involve brute force attacks or the use of lost or stolen credentials.’ A brute force attack is a hacking method that uses repeated approaches to crack passwords, login creds, and encryption to gain access. While this approach may sound remedial, it is effective and popular for hackers everywhere. But just as on the playing field, one of your best defenses is a good offense. Hence, there is a need for a multifactor authentication process.

  2. How To Choose a Secure Password

    Last month we talked about using a password tool, so you only have to keep up with one password. And while remembering a single password is great, it is important that password is a strong one that no human or AI technology can guess. And, while you may be using a password tool to store your info, it’s key that you use a different password for each service to limit your security exposure.

    So, what consideration do you need to have before choosing a password? After all, they are the first line of protection against your private information and no one- be it a large corporation or a single individual- is safe from being hacked or dealing with a data breach. Everyone is at risk of being a cyber victim, so choosing a good password is a must!

  3. The Benefits and Dangers of Using a Password Manager

    Open Sesame! As a child, perhaps you had a fort, tree house, or maybe just your bedroom where you required others to use a password to enter. It was a fun way to control who entered your space. However, in today’s society, passwords are such a common thing that they have, perhaps, become a necessary nuisance. And, for many people, the statement(s) they dislike seeing/hearing are “What is your password” or “create a password”.

    After all, creating a password means coming up with a series of letters, numbers and characters that are unique to you and a particular account. But beyond the creation of the password, becomes the need to remember said passwords. Considering the experts now say a password should be a minimum of 16 digits, keeping up with several passwords can seem like a job in itself- never mind the tasks associated with many logins! Thankfully, there is a way to make keeping up with passwords easier.

    However, despite the ease of use a password manager offers, surprisingly few people actually use one. In fact, a Consumer Reports survey found that only 39% of people use a password manager! Despite the low percentage of people using them, this in no way means they are not needed.

  4. Protecting Your Website: Lessons to Learn from the GoDaddy Breach

    Recently, GoDaddy announced that 1.2 million of their WordPress customers had been affected by unauthorized access. This breach was a result of GoDaddy’s use of plaintext passwords. This number does not include the many customers whose websites have been affected by the breach.

    The breach officially occurred in early September but was not identified until November 17th. GoDaddy responded quickly and took action to control and lessen the damage. However, it is believed that this data breach will have far-reaching consequences and that anyone who uses Go Daddy’s Managed WordPress arrangement should assume their site was affected until they hear otherwise.

  5. Imposter Domains: What They Are and How to Minimize Your Risks

    The word “Impostor” means “Phony, fraud, sham, pretender, cheat.”

    Nobody likes to be taken advantage of or to have their hard work stolen. Unfortunately, this is a crime that has been committed for centuries, and the cyber world is no exception. And while many people are aware of hacking, scams, and ransomware attacks, there are two additional ways that criminals are using the web – creating impostor domains and email spoofing, also known as Business Email Compromise (BEC).

    In recent weeks, the crime of Impostor Domains has made tech headlines. Impostor Domains, also known as a homoglyph, are defined by Glosbe as “a character identical or nearly identical in appearance to another, but which differs in the meaning it represents.” Microsoft defines the word as “the exploitation of similarities of alphanumeric characters by cybercriminals to create deceptive domains for unlawful impersonation of legitimate organizations.” The use of impostor domains is similar to another malicious practice is known as Typosquatting or URL hijacking, in which hackers intentionally register domains of well-known websites but with the domain intentionally misspelled.

  6. WordPress Hosting

    9 Key Aspects to Evaluate for Great WordPress Hosting

    Every day numerous websites are hacked. It doesn’t matter how large or small the company is, any site is fair game to hackers. These hacking attacks are typically achieved with ease because hacking can be automated via “bots.” These bots scan the Web and look for specific vulnerabilities on a website. Elements such as plugins or themes with known vulnerabilities make it easy for hackers to attack your site. So, what actions do you take to minimize your risk?  One of the first things you can do is choose a hosting provider who will be there for you in the event that your site still gets hit- despite your precautions!

    That sounds easy- right? Perhaps, but not every hosting provider is the same. Not only do hosting providers vary in price, but the packages, type of server, and services differ. But, before delving into the must-have list for host providers, let’s take a moment to explain the types of servers- as those will play a significant role in the host provider selection process.

  7. Phishing and Hacking on the Rise During the COVID-19 Pandemic

    One cannot go anywhere currently without Covid-19 being a part of the conversation. From retailers, restaurants, offices and places of worship, everyone has been affected. And, not surprisingly, the unscrupulous (hackers, phishing scams, and malware) on the Web have also found a way to take advantage of Covid-19.

    Hackers, scammers, and others have become so prevalent that Cloudflare (based out of the UK) recently reported that that online security threats have increased by 37% in just four weeks. In fact, Cloudflare reported that on some days it was blocking between four and six times the number of attacks normally seen! It was also noted by Google that in mid-April that every day there were over 18 million malware and phishing emails related to the pandemic. In addition, the organization behind Trickbot sent out hundreds of emails claiming to be from volunteer and humanitarian groups who offered testing and to have information regarding testing and medical advice. The Trickbot emails contained an assortment of attachments all designed to install malware onto the computer of anyone who opened it.

  8. How to Prevent Your Website from Being Hacked

    According to the 2019 Cybercrime Magazine study, website hacking will cost the world $5 trillion by 2021 -this is up by $3 trillion since 2015. Furthermore, cybercrime attacks are the fastest growing crimes in the U.S. Worse, the hackers are becoming more skilled and sophisticated than ever before. To put this in perspective, consider this: There are 111 billion lines of new software code written each year – meaning a significant amount of coding that can be exploited by hackers and more risks to your website’s security.