Your source for IT news and tech tips.
| Iranian Phishers Bypass 2FA Protections Offered by Yahoo Mail and Gmail | Ars Technica | A recent phishing campaign targeting U.S. government officials, activists, and journalists is notable for using a technique that allowed the attackers to bypass two-factor authentication protections offered by services such as Gmail and Yahoo Mail, researchers said last week. The event underscores the risks of 2FA that relies on one-tap logins or one-time passwords, particularly if the latter are sent in SMS messages to phones. | Another Google+ Data Bug Exposes Info for 52.5 Million Users | Engadget | Google's semi-defunct social media platform Google+ has suffered its second data breach in three months and, as a result, will be completely shuttered in April, four months earlier than previously planned. | 5 Cloud Security Trends to Watch in 2019 | TechRepublic | Here are five key cloud security trends businesses must pay attention to to keep their workloads and data safe in 2019, according to a report from Palo Alto Networks. #1 on the list: Account compromises will increase in scale and velocity. Enterprises should operate with the mindset that it's a matter of when, not if, an account compromise attempt will occur, and must implement monitoring to detect and respond to suspicious user activities, according to the report. (If you manage SaaS apps, BetterCloud's Activity-based Alerts can help with that.) | Equifax's 'Aggressive Growth Strategy' Contributed to IT Complexity and Failure | CIO Dive | Equifax's "aggressive growth strategy" played a role in the increasing "complexity" of its IT system, contributing to its security inadequacies and the 2017 data breach, according to a report from the U.S. House of Representatives Committee on Oversight and Government Reform. Additionally, Equifax was operating on custom-built IT systems, which "adds more complexity," said former CIO Graeme Payne. |
|
|
| How to Create Easy to Remember Strong Passwords | Medium | "A lot of my career in IT work has focused on protecting data. Part of my job was to enforce password guidelines and train people on how to properly secure their data. I’d cringe every time I found a sticky note with a string of numbers and letters taped to the back of a picture frame or tucked under a keyboard. I understand, I really do. Over the years I developed my own three-step method for generating strong passwords that are easy to remember," writes Christine Brennan. | How to Create Rules in Gmail for (Almost) Anything | Lifewire | By applying specific filters to your Gmail account you can dictate various behaviors including how certain emails are labeled, whether or not they are automatically archived or deleted, or if they are marked with a star. |
|
|
| Google Smart Lock: The Complete Guide | Computerworld | Google Smart Lock can simplify security and save you time on Android, Chrome OS, and even Mac and Windows. Are you taking advantage of all it has to offer? |
|
|
| SaaS Updates Summary: December 10 – December 14 | BetterCloud Monitor | Last week, Google released a handful of updates. G Suite admins can now view company-owned desktop and mobile devices in one place, control access to G Suite apps and services using Groups, and get better info on spam messages in email log search. Google also released new features for Hangouts Meet and the G Suite security center. Say farewell to a few things: Google Fusion Tables will be shut down next December, and the Admin console "Uninstall" feature for apps will be removed next January. |
|
|
|