Tag Archives: passwords

Exciting Blog Changes Just Around the Corner

I am excited to announce the upcoming launch of our redesigned and refreshed blog.

Over the past six years, WatchGuard Security Center has provided IT professionals with breaking news and analysis about the most important information security (InfoSec) issues. Our mission has always been to distill the often complex topics of computer and network security into something any technical professional can understand and act on. Our newly redesigned blog, Secplicity, takes this mission to the next level.

Our team has worked hard to create a faster, easier to browse, and more useful blog for everyone interested in information security—based in part on your feedback. On top of the design changes, you’ll also enjoy more regular content, both written and video, from a more diverse group of authors and researchers. We also plan to cater our content to your questions and feedback.

The new site goes live in the next 48 hours. When it does, we’ll automatically redirect WatchGuardSecurityCenter.com visitors to the new Secplicity.org site. Your email, WordPress, and RSS subscriptions should continue to work, but in the event that you stop receiving updates please visit the blog and re-subscribe.

We’re looking forward to many more years of InfoSec community service, and hope you continue to visit us for the latest security news and analysis, simplified.

— Corey Nachreiner, CISSP (@SecAdept)

July 2016 Patch Day – Daily Security Byte EP. 289

It’s that time again. Patch Day! On the second Tuesday of the month, both Microsoft and Adobe release their security updates. This month, you should probably focus on Adobe’s updates first. If you use Adobe and Microsoft products, watch the video below to learn more, and check out the reference section to find links to the patches. 

(Episode Runtime: 3:16

Direct YouTube Link: https://www.youtube.com/watch?v=rsj41RqhyLs

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Password Sharing Illegal? – Daily Security Byte EP. 288

In general, security experts like me are against sharing passwords, even among family and friends. Sure, we can all think of cases where sharing passwords with family might be useful, but why not just setup privileged accounts for those family members?

However, today’s episode isn’t about whether or not password sharing is a risk, it’s about whether or not it’s even legal at all. A US appeals court made a ruling on a case recently, basing their decision on the Computer Fraud and Abuse Act (CFAA). The EFF thinks it’s a dangerous ruling, that would have a far-reaching affect on the legality of password sharing. Watch Monday’s video to learn what I think. 

(Episode Runtime: 4:46

Direct YouTube Link: https://www.youtube.com/watch?v=K1vpqFdTe7A

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

GoToMyPC Password Problem – Daily Security Byte EP. 275

There have been tons of big password leaks lately, like the ones that affected Twitter and Linkedin. These leaks certainly suck for the people that use the affected sites, but they can also affect the industry as a whole. Watch today’s video to learn how password leaks combined with password reuse has lead to problems for GoToMyPC users.

(Episode Runtime: 1:58

Direct YouTube Link: https://www.youtube.com/watch?v=VZJs1UpwLvE

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Password Reuse Botnet – Daily Security Byte EP. 265

Botnets are best know for DDoS attacks, where they generate huge floods of traffic that overwhelm their victims. However, newer botnets are slowing down their attacks to try stolen passwords on banking and e-commerce sites. Watch today’s video for a reminder of why not to reuse your password everywhere.

(Episode Runtime: 1:44)

Direct YouTube Link: https://www.youtube.com/watch?v=59U-9N597Lg

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

LinkedIn Loses 117M Credentials – Daily Security Byte EP. 264

In the middle of 2012, LinkedIn warned that attackers had stolen millions of their users’ credentials. That leak was bad enough, but it turns out the breach was much bigger than first reported. In today’s video, I share just how many passwords criminals are selling on the underground, and what LinkedIn users should do to protection their accounts.

(Episode Runtime: 2:31)

Direct YouTube Link: https://www.youtube.com/watch?v=z1Xvx_XODGU

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

WatchGuard receives Grand Trophy and five other 2016 Global Excellence Awards

2016-GEA-GrandIt was a busy week down at the RSA conference in San Francisco, but it kicked off right on Monday night when we learned that InfoSecurity Products Guide, the industry’s leading information security research and advisory guide, recognized WatchGuard Technologies as a Grand Trophy winner for their 2016 Global Excellence Awards®.

More than 50 judges from around the world formed a broad spectrum of industry voices and their average scores determined the 2016 Global Excellence Awards Finalists and Winners.

Beyond the Grand Trophy, we brought home a total of five Info Security Product Guide Global Excellence Awards in a diverse set of categories:

  • Gold Winner Award for Network Security and Management: WatchGuard Dimension Command
  • Gold Winner Award for Security Products and Solutions for Small Businesses and SOHO: WatchGuard Firebox T50
  • Silver Winner Award for Security Products and Solutions for Enterprise (Medium): APT Blocker
  • Bronze Winner Award for Integrated Security and Unified Threat Management: WatchGuard Firebox M300 Firewall (Firebox M300 running Fireware 11.10.4 firmware)
  • Bronze Winner Award for People Shaping Info Security: Corey Nachreiner, Chief Technology Officer at WatchGuard Technologies, for Raising InfoSecurity Awareness Through Education

Info Security Product Guide’s recognition of our products and personnel stands as further validation of this company’s commitment to best-in-class security solutions. We’re proud to receive yet another endorsement of WatchGuard’s vision and execution in the field of security for SMBs and enterprises, and for general education and awareness about infosecurity.

TaoBao Account Hijack – Daily Security Byte EP. 211

TaoBao, China’s Ebay, suffered a major account hijack where attackers accessed over 20M user accounts. However, the attack wasn’t the fault of the e-commerce site itself. Watch today’s video to learn how this happened, why it should concern everyone in the world, and what you can do about it.

(Episode Runtime: 2:47)

Direct YouTube Link: https://www.youtube.com/watch?v=DVFmSIz4ITQ

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Amazon 2FA – Daily Security Byte EP. 179

Great news for Black Friday shoppers who use Amazon! The well known online retailer has finally enabled free two-factor authentication (2FA) for its customers. Watch today’s video to learn why I think you should turn it on, and why I think 2FA is important for all IT organizations.

(Episode Runtime: 2:19)

Direct YouTube Link: https://www.youtube.com/watch?v=xzodlmJxyrE

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

000Webhost has 000 Security – Daily Security Byte EP. 169

A popular hosting company suffered a network breach and lost over 13M user records. Not only did the company not know about the breach until five months later, the stolen records included clear text passwords. Watch today’s video to see what you can learn from this web hoster’s mistakes; of which they made many.

(Episode Runtime: 2:23)

Direct YouTube Link: https://www.youtube.com/watch?v=ILnyVCV3spA

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

%d bloggers like this: