SPEAR-PHISHING Spear-phishing is a targeted attempt to steal sensitive information such as account credentials or financial information from a specific victim, often for malicious reasons. This is achieved by acquiring personal details on the victim such as their friends, hometown, employer, locations they frequent, and what they have recently bought online. The attackers then disguise … Continue reading Infographics: Targeted victim – Spearphishing Attack
Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising as a trustworthy entity in an electronic communication. Bad guys are trying to phish in more than more ways to get the information they want. The core takeaway is be careful on what to entertain (whether … Continue reading Infographics: Most Common Forms of Phishing Attacks
A basic graphical explanation on how end-to-end encryption works.
Sharing the series of Infographics I have kept on my haul
Enforce TLS to a partner organization. You can create connectors to apply security restrictions to mail exchanges with a partner organization or service provider. A partner can be an organization you do business with, such as a bank. It can also be a third-party cloud service that provides services such as archiving, anti-spam, and filtering. … Continue reading Set up connectors for secure mail flow with a partner organization
Discovered a really cool tool to send notes that will self-destruct after being read. Good for sending passwords or information across discretely and securely. No log-ins or identity involved. All you need to do is generate a link to the note and has the option to notify you via email if it has been read. … Continue reading Send discrete, self-destructing notes via Privnote
Known issue to: FortiOS 5.2.x (can also apply to higher versions). But 5.4.x and later has already disabled weaker ciphers DES, RC4 and SSLv3, so Firewalls running on later version are less-prone to vulnerabilities. Recommendations/Mitigations: What does strong encryption do? Enabling the use of strong encryption will only allow strong ciphers such as: AES … Continue reading Fortigate 5.2 Vulnerability: SSH/SSL – Weak Encryptions
Found this checklist that is handy in performing securoty reviews for any firewalls. Make sure to compliment this with your firewall vendor's best-practice recommendation document in assessing your firewalls. Firewall-Audit-Checklist-WEB
Good news! Facebook now makes Two-Factor Authentication (2FA) easier to set up by allowing common third-party apps like Google Authenticator or Duo Security on both desktop and mobile. 2FA adds layer of security to your Facebook login by requiring you to provide a passcode or from “something that you have” (which is the 2FA generated … Continue reading Facebook adds Google Authenticator for Two-Factor Authentication
There is no excerpt because this is a protected post.