Password standards: 2024 requirements
Discontinuing mandatory password rotations, banning outdated MFA methods, and other updates in the NIST SP 800-63 standards for digital account authentication and management.
Economics. Eschatology. Infosec.
89 articles
Many of us have dozens of online subscriptions and recurring payments. How to take control, save money, and stay on top of expenses?
Where and why quantum-resistant cryptography has already been implemented, and what compatibility issues it caused.
Why and how to create a local backup of cloud data, taking Notion as an example.
Worried about your access to Telegram and its privacy after Pavel Durov’s arrest? Here’s what you should (and shouldn’t!) do right now.
Windows Downdate is an attack that can roll back updates to your OS to reintroduce vulnerabilities and allow attackers to take full control of your system. How to mitigate the risk?
How to protect the less obvious parts of your IT infrastructure (and from what) — from printers and video surveillance kit to insulin pumps.
Small beacons like AirTag make it easy to find a lost wallet or keys — but are also often used for covert tracking. Now you can detect stalkers and protect yourself — regardless of what kind of smartphone you have.
Cybercriminals are using AitM techniques to compromise accounts of company executives. How do they do this, and how to protect against it?
Even at cruising altitude, cyberthreats can still ground your digital life — as proven by a recent arrest. How to protect yourself at 30,000 feet above sea level?
A new vulnerability allows remote attackers to gain root privileges on Linux servers. How easy is it for CVE-2024-6387 to be exploited – and how to prevent it?
The new AI function in Microsoft Windows has already been dubbed a “security nightmare” on the internet. What risks does it carry, and how to stay safe?
The exact location of your router is publicly available through global Wi-Fi geolocation databases. Let’s explore why this is necessary, the risks it entails, and how to mitigate them.
Based on our analysis of ZKTeco vulnerabilities, we dissect the risks associated with biometric authentication.
How to use private browsing mode, what it doesn’t protect against, and why Google is deleting five billion dollars’ worth of user data.
Today we discuss which services and applications should be patched first, and what attackers are focusing on.
We explore whether it’s possible to reveal all your secrets via your smartphone’s on-screen keyboard.
What are the most common MITRE ATT&CK techniques encountered in real-world incidents — and how to neutralize them? We investigate using statistics from Incident Response and MDR services!
Can you catch malware by downloading files from Microsoft’s repositories on GitHub? Turns out, you can. Stay alert!