Skip to main content

The WiKID Blog

Viewing posts tagged Authentication Attacks

Securing Google Apps for Your Domain

I think there are two markets for Google Apps for your domain.  One is in education where you want to get the management of student accounts off your shoulders.  The other is real companies that like the web, use the web and want to cloud-source their infrastructure.  Twitter is clearly one of the latter and they recently realized the risks they were taking in doing so

A cautionary tale

Recently,  A Small Orange, a web-hosting company was attacked and their server taken down.  I hadn't heard of them, despite the fact that they are based in Atlanta.  Here are the details of the attack:  http://forums.asmallorange.com/index.php?showtopic=12908.

The lessons from Guy Kawaski's twitter attack

The lessons are sadly the same.  Static passwords are weak and DNS is weak.  The answer is two-factor authentication and either mutual https authentication or better DNS.  Since DNS is unlikely to be fixed any time soon...

The ultimate target may not be you

Small-to-medium sized businesses often assume that they are not important enough to attract attackers.  Yet, here's an example of corporate espionage where the attacker stole username and passwords for webmail accounts at a small marketing firm doing work for a large electronics manufacturer:

Torpig data shows that even SSL logins are vulnerable

From the fascinating analysis of the Torpig botnet:

Recent Posts

Archive

2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom