A how-not-to guide to password policies
Examples of password policies that will have users tearing their hair out — and why you shouldn’t employ them.
656 articles
We propose six principles of ethical use of AI in the cybersecurity industry — to be presented at the global Internet Governance Forum.
We look at a new sophisticated attack on AMD and Intel integrated graphics cards.
How to choose a secure mobile platform for work.
How online services should store user passwords, and how to minimize the damage in the event of a leak or hack.
A few words on why desktop applications based on the Electron framework should be approached with caution.
How to protect a company’s reputation from illegal use of its name on the internet.
Attackers invite employees to complete fake self-evaluations to steal corporate credentials.
What tasks needlessly overload infosec experts, and how to break the curse of overtime.
Why the Windows system time can suddenly change, and how to stop it from happening.
Why criminals want to hack your website, how they might use it in new attacks, and how to stop them.
We explain what OSINT is, why it has to be front-of-mind at all times, and how to guard against hackers using it.
Some thoughts on what PC software patches should be prioritized and why.
Offboarded employees often retain access to work information. What are the risks, and how to deal with them?
Explaining an issue in popular PC and server CPUs in simple terms.
Gadgets to help protect employees’ devices against hackers and other threats.
What caused a mass vulnerability in VPN clients, and how to keep them working.
It means that some companies still have not installed MS Office patches that were published 5 years ago.
How social engineering helped hack the CIA chief, hijack Elon Musk and Joe Biden’s Twitter accounts, and steal half-a-billion dollars.
Legacy systems continue to toil away in embedded solutions, medical equipment, and precision instruments. How can the respective security risks be mitigated?
Fake websites and email addresses are often used in phishing and targeted attacks. How do fake domains get created, and how to spot one?