Viewing posts by admin
citrix-and-security
Posted by: admin 16 years, 3 months ago
PDP has recently pointed out how easy it is to hack into poorly configured Citrix servers, which can easily be found via Google et al. He's also posted information on how to hack Citrix in a more forceful way. So, it is a good thing that we've posted documentation on how to protect Citrix with WiKID two-factor authentication. Also, yesterday, I posted a similar how-to document for protecting for GoToMyPC Corporate.
higher-quality-info-will-cost-you-black-market
Posted by: admin 16 years, 3 months ago
Check out the McAfee Avert blog for look at the black market for banking information. Accounts with high balances cost more, but have guarantees:
For such prices, the seller offers some guaranties. For example, the purchase is covered by replacement, if you are unable - within the 24 hours - to log into the account using the provided details.So now the banks know how long they have to spot a compromised account to drive the profits out of the black market.
moved-the-webserver-to-amazon-ec2-is-is-faster
Posted by: admin 16 years, 3 months ago
We've moved our web-server to the cloud. We're getting more traffic and we've been using more bandwidth for development, so we decided to move the server to Amazon's EC2. This may be temporary depending on how it holds up. It's a little disconcerting to have your website out there in the ether.
choicepoint-stiock-drops-10-percent-in-one-day
Posted by: admin 16 years, 3 months ago
As we have discussed elsewhere in this Blog, there is value in protecting your information assets. We've talked about the impact of information security breaches on stock price. Well, Choicepoint provides a good case in point. This was not a “hacker” attack as labeled in the popular press (further moving the definition of that word from its original meaning), but rather a traditional scam that took advantage of a lax credentialling process (yes, Irony with a capital I) that apparently is fax-based.
checkfree-breach
Posted by: admin 16 years, 3 months ago
Hackers on Tuesday hijacked the Web site CheckFree.com, one of the largest online bill payment companies, redirecting an unknown number of visitors to a Web address that tried to install malicious software on visitors' computers, the company said today.First, I find it very hard to believe that you would hijack the domain for one of the world's largest payment processor and only try to install malware.
Recent Posts
- Blast-RADIUS attack
- The latest WiKID version includes an SBOM
- WiKID 6 is released!
- Log4j CVE-2021-44228
- Questions about 2FA for AD admins
Archive
2024
2022
- December (1)
2021
2019
2018
2017
2016
2015
2014
- December (2)
- November (3)
- October (3)
- September (5)
- August (4)
- July (5)
- June (5)
- May (2)
- April (2)
- March (2)
- February (3)
- January (1)
2013
2012
- December (1)
- November (1)
- October (5)
- September (1)
- August (1)
- June (2)
- May (2)
- April (1)
- March (2)
- February (3)
- January (1)
2011
2010
- December (2)
- November (3)
- October (3)
- September (4)
- August (1)
- July (1)
- June (3)
- May (3)
- April (1)
- March (1)
- February (6)
- January (3)
2009
- December (4)
- November (1)
- October (3)
- September (3)
- August (2)
- July (5)
- June (6)
- May (8)
- April (7)
- March (6)
- February (4)
- January (427)
2008
- December (1)
Categories
- PCI-DSS (2)
- Two-factor authentication (3)
Tags
- wireless-cellular-mobile-devices (7)
- Two-factor authentication (10)
- Wireless, cellular, mobile devices (6)
- NPS (1)
- Phishing and Fraud (111)
- Active Directory (1)
- pam-radius (3)
- privileged access (2)
- Cloud Security (10)
- Mutual Authentication (60)
- Web Application Authentication (1)
- Authentication Attacks (99)
- pci (50)
- Security and Economics (97)
- WiKID (133)
- pam (2)
- VPN (1)
- Installation (2)
- RADIUS Server (1)
- Open Source (64)
- Tutorial (2)
- Strong Authentication (35)
- Information Security (137)
- Transaction Authentication (13)
- Miscellaneous (100)
- Linux (2)
- transaction-authentication (6)
- Two Factor Authentication (254)