Viewing posts by admin
dhs-predicts-more-brokerage-attacks
Posted by: admin 15 years, 3 months ago
The DHS is joining in on one of my earlier predictions: Brokerage accounts will be increasing targeted in the coming year. According to their post they are tempting accounts because they typically have more money in them. Further, typical anti-fraud transaction analysis doesn't really work because of the infrequency of transfers.
I'm convinced that brokerage accounts and other heavy transactions accounts will need cryptographically secure transaction authentication in addition to session and host/mutual authentication.
comment-status
Posted by: admin 15 years, 3 months ago
As with every blog out there, we've been battling comment and trackback spam. I had turned off comments altogether, but now have turned them back on. Comments are still protected by WiKID Strong Authentication, but you can add a comment anonymously. Here's how to do it:
features-and-functionality-for-consumer-acceptable
Posted by: admin 15 years, 3 months ago
Anton Chuvakin posts a response to this post about the PayPal tokens. These posts point out a number of desired features for broad-based consumer roll-out of two-factor authentication, such as the hope for a single token to work everywhere. but fail to mention that token won't stop phishing (one of the commenters does point that out).
banks-need-strong-authentication-desparately
Posted by: admin 15 years, 3 months ago
Forrester Research is urging banks to adopt additional security to fight phishing and other forms of fraud, including strong authentication.
How-to-get-an-unlimited-information-security
Posted by: admin 15 years, 3 months ago
In the past, I have blogged about how much to budget for info sec, how information security creates value for a company, and other posts designed to help info sec personnel make their case. Well, now I have decided that that is all bunk compared to the advice I am about to give. The new tactic: Bribery.
Recent Posts
- The latest WiKID version includes an SBOM
- WiKID 6 is released!
- Log4j CVE-2021-44228
- Questions about 2FA for AD admins
- WiKID Android tokens had their data deleted over the weekend by Google Chrome bug
Archive
2024
- January (1)
2022
- December (1)
2021
2019
2018
2017
2016
2015
2014
- December (2)
- November (3)
- October (3)
- September (5)
- August (4)
- July (5)
- June (5)
- May (2)
- April (2)
- March (2)
- February (3)
- January (1)
2013
2012
- December (1)
- November (1)
- October (5)
- September (1)
- August (1)
- June (2)
- May (2)
- April (1)
- March (2)
- February (3)
- January (1)
2011
2010
- December (2)
- November (3)
- October (3)
- September (4)
- August (1)
- July (1)
- June (3)
- May (3)
- April (1)
- March (1)
- February (6)
- January (3)
2009
- December (4)
- November (1)
- October (3)
- September (3)
- August (2)
- July (5)
- June (6)
- May (8)
- April (7)
- March (6)
- February (4)
- January (427)
2008
- December (1)
Categories
- PCI-DSS (2)
- Two-factor authentication (3)
Tags
- wireless-cellular-mobile-devices (7)
- Two-factor authentication (10)
- Wireless, cellular, mobile devices (6)
- NPS (1)
- Phishing and Fraud (111)
- Active Directory (1)
- pam-radius (3)
- privileged access (2)
- Cloud Security (10)
- Mutual Authentication (60)
- Web Application Authentication (1)
- Authentication Attacks (99)
- pci (50)
- Security and Economics (97)
- WiKID (133)
- pam (2)
- VPN (1)
- Installation (2)
- RADIUS Server (1)
- Open Source (64)
- Tutorial (2)
- Strong Authentication (35)
- Information Security (137)
- Transaction Authentication (13)
- Miscellaneous (100)
- Linux (2)
- transaction-authentication (6)
- Two Factor Authentication (254)