A Quick Tech Tutorial: Two-Factor Authentication

May 31, 2013

Two-factor authentication is a best practice to fulfill authorization and authentication requirements for HIPAA compliance or PCI DSS compliance and can protect your data and business. To gain a better understanding, Online Tech’s Technical Team shares this quick tech tutorial on two-factor authentication. Listen to an audio version of the interview.

Q: What is two-factor authentication?

A: Two-factor authentication goes beyond using a user name and password. It puts a new piece of technology in the mix for better security.

Q: How does two-factor authentication work differently than logging in with a normal user name and password?

A: Here is an example of how two-factor authentication works. You have a user requesting access to a system. That user is going to authenticate through a firewall. It’s going to hit a domain controller to make sure that’s a valid user. Then, it is going to send it to a cell phone and on that cell phone it is going to say approve or deny access. Once that cell phone sends it to the firewall, permission is granted and the person has VPN access. If they don’t have a valid user name, password, or the cell phone set up correctly, they will not…


Encryption at the Hardware and Storage Level

May 17, 2013

We’ve got three webinars lined up for the month of June with IT security professionals to help educate you and take your questions about encryption. For the first one of the series, join Chris Heuman, Practice Leader for RISC Management and Consulting, for a discussion on the value of encryption for HIPAA, PCI and many other regulatory frameworks and the successful components of a data security program that integrates encryption. Find out how you can sign up online for Encryption – Perspective on Privacy, Security & Compliance. The second in the encryption webinar series features Mark Stanislav, Security Evangelist at Duo Security, as he discusses encryption for Linux, and Farooq Ahmed, Software Development Manager of Online Tech, who will cover encryption for Windows. Sign up for Encryption at the Software Level: Linux and Windows. For the third and final encryption webinar, join Steve Aiello, Systems Support Manager at Online Tech, for a presentation on encryption at the hardware and storage level.

Title: Encryption at the Hardware and Storage Level

When: Tuesday, June 25, 2013 @ 2PM ET

Register: Find the GoToMeeting link at our website.

Description: Join Steve Aiello, Systems Support Manager at Online Tech for an informative webinar on encryption…


April Microsoft Security Updates

April 18, 2013

This month there are nine updates within the Microsoft security bulletin. Two are due to remote code execution vulnerabilities, while many of the important-rated patches are due to weaknesses that could allow an elevation of privilege. The first critical update was a cumulative update for Internet Explorer, resolving two reported vulnerabilities that would have allowed remote code execution. In order for an attacker to exploit this, a user would simply have to view a specially crafted webpage while using Internet Explorer. This update affects Internet Explorer 6 through 10. A full list of the affected software and their severity ratings can be found on the bulletin. The other critical update is for another remote code execution vulnerability, this time involving Windows Remote Desktop Client. If a user views a specially crafted web page, the attacker has the opportunity to gain the same rights as the user. For both of these updates, Microsoft reminded readers that setting up accounts with only as many user rights as necessary can help lessen the impact of these types of attacks, as the attacker doesn’t get as many freedoms as if everyone on the system had administrator-level access. Rated ‘important’, there was a vulnerability…


DDoS Attacks Continue, and Not Just for Banks

March 27, 2013

In the latest distributed denial of service (DDoS) attack from the hacktivist group Izz ad-Din al-Qassam Cyber Fighters, six banks were hit simultaneously last week. In a Bank Info Security article, Radware’s security expert Carl Herberger explained that the hit on March 12th involved the largest number of banks to be attacked in a single day. The hacktivists called out Bank of America, BB&T, Capital One, Chase, Citibank, Fifth Third Bancorp, PNC, Union Bank and U.S. Bancorp as their latest targets. Keynote Systems found PNC, BB&T, as well as Chase affected on March 12th, although which other banks were hit is currently unclear. Bank Info Security reports that Chase had been unavailable for most of the time from 2PM EST to 11PM EST last Tuesday. This isn’t the only large DDoS attack that’s occurred lately. Earlier this month, Prolexic told of a U.S. electric utility company that was targeted, taking its website, online payment, and pay-by-phone systems down for two days. During that time, the utility provider’s one million customers weren’t able to pay their bills online or by phone. Also, employees were not able to receive external phone calls. While the attack was similar to the ones currently plaguing…


Managed Data Center Operator Expects High Data Demands During March Madness

March 20, 2013

Let the data demand ‘Madness’ begin in basketball arenas and workplaces across the country. The NCAA announced the teams participating in its postseason basketball tournament on Sunday, triggering the start of office pools, extended lunch hours and an incredible demand on company bandwidth. The first two days of March Madness take place during work hours on Thursday and Friday, and 86 percent of fans say they’ll watch games or check scores at work. Outplacement firm Challenger, Gray & Christmas found that American businesses stand to lose close to $4 billion in productivity over the entirety of the 16-day tournament. Since CBS first struck a deal with Yahoo! in 2003 to offer live streaming of the tournament, the popularity of online viewing has skyrocketed. The Internet Innovation Alliance estimated more than 17 million total hours of streamed games online via computer, tablet or smartphone in 2012. Smartphones and tablets changed the game in recent years. The tournament’s live-streaming games are accessible to office workers who have sports and entertainment sites blocked by employers, as well as those workers who aren’t in front of a computer during the workday. After the first round of last year’s tournament, comScore measured a 79 percent…


March Microsoft IT Security Updates

March 14, 2013

On Tuesday, Microsoft released their security bulletin for the month of March. This marks the second month in a row that Microsoft has needed a cumulative security update for Internet Explorer, again patching remote code execution vulnerabilities within the browser. Of the seven updates, four are considered critical and the others are rated important. The update for Internet Explorer patches nine vulnerabilities, one of which was publicly disclosed, and can be exploited in the event that a user views a specially crafted web page using IE. This is rated critical for Internet Explorer 6-10. It will require a restart. There were also remote code execution vulnerabilities found within Microsoft Silverlight and all supported versions of Microsoft Visio Viewer 2010. Both of these vulnerabilities at their worst could allow the attacker to gain the same rights as the user. The last of the critical updates addresses four vulnerabilities found in Microsoft SharePoint and SharePoint Foundation. In the event that a user clicks on a specially crafted URL and goes to a targeted SharePoint site, the attacker has the potential to successfully execute an elevation of privilege exploit. Microsoft has resolved these issues by making changes to the way Microsoft SharePoint server validates URLs and user…


Evernote Adds Two-Factor Authentication

March 8, 2013

On Saturday, the online SaaS (software as a service) note-collecting service Evernote posted a blog post, followed by an email, stating that they had discovered and blocked unauthorized activity on their network. In response to the attack, they reset the passwords of the nearly 50 million people that are currently using their system. Evernote explained that their passwords were both salted and hashed. The company still felt inclined, for safety’s sake, to implement the password reset. I personally think taking this approach, although mildly inconvenient for the people who have to change their passwords, is ultimately smarter for the company, and shows a great respect for their users’ security (ABC News reports that Evernote was the only hacked company that has ever required the reset). The data accessed included usernames, encrypted passwords, and email addresses, although none of the users’ content was available: “In our security investigation, we have found no evidence that any of the content that you store in Evernote was accessed, changed, or lost. We also have no evidence that any payment information for Evernote Premium or Evernote Business customers was accessed.” In response to this breach, Evernote has decided to speed up the setup of their two-factor authentication. In…


February Microsoft Security Updates

February 15, 2013

Internet Explorer takes the spotlight in this month’s Microsoft Security Updates. There were 12 updates for February, 5 of which are considered critical. Here’s the lowdown on the five critical vulnerabilities covered on Tuesday.

Cumulative Security Update for Internet Explorer and a Vulnerability in the Vector Markup Language

Both of these updates are relevant for IE 6-10, and both are to protect against vulnerabilities that could allow for remote code execution. If a user visits a specially crafted web page within Internet Explorer, an attacker could be given the same level of rights reserved for the user. All of these issues are related to the way IE handles objects in memory, and the updates should be applied immediately.

Vulnerability in Media Decompression

This came from a publicly disclosed vulnerability in Microsoft Windows. This is a critical update for all editions of Windows XP, Windows Server 2003 and 2008, as well as Vista. Another remote code execution patch, this vulnerability could be exploited if a user opened a specially crafted media file, an Office document with embedded media files, or streaming content. This issue was corrected by focusing on the way DirectShow handles specially made media content. This may require a restart.

Vulnerabilities…


Federal Breaches Highlight Need for Heightened IT Security

February 11, 2013

Last month, the U.S. Department of Energy had its computer systems hacked. Last Friday, an email was sent to all the employees explaining that their Washington location had been compromised, with the attackers making off with the personal information of employees and contractors. The DOE, which maintains control of important functions such as nuclear reactor production, energy conservation research and implementation, energy production, and radioactive waste disposal, says that none of the information taken was confidential. In an email to its employees, the DOE explained that it was taking steps to keep this from happening again in the future: ‘The Department is also leading an aggressive effort to reduce the likelihood of these events occurring again. These efforts include leveraging the combined expertise and capabilities of the Department’s Joint Cybersecurity Coordination Center to address this incident, increasing monitoring across all of the Department’s networks and deploying specialized defense tools to protect sensitive assets.’ Similarly, this week the Federal Reserve admitted that it had one of its internal sites breached. Coupled with this attack is a claim by the activist group Anonymous that they had attacked the Fed, and had the personal information of over 4,000 bank executives to prove it. The Federal Reserve…


Twitter Attacked, 250K Potentially Affected

February 5, 2013

Last Friday, Twitter’s Bob Lord, Director of Information Security, published a blog post stating that they had detected ‘unusual access patterns that led us to identifying unauthorized access attempts to Twitter user data’. They were able to shut down the attack that they found, but believe that the attackers may have been able to access user information for around 250 thousand people. The information potentially accessed includes usernames, email addresses, session tokens, and encrypted passwords. Twitter also salts their passwords, which involves adding arbitrary characters to password strings before they are hashed. This blog post comes the day after the New York Times reported having employee usernames and passwords stolen, and on the same day as similar reports from both the Wall Street Journal and the Washington Post. Bob Lord explains that the attackers were professionals, and likens the incident to these other attacks. In response to this, Twitter changed the passwords for all affected accounts, and emailed everyone to let them know of the changes made: ‘As a precautionary security measure, we have reset passwords and revoked session tokens for these accounts. If your account was one of them, you will have recently received (or will shortly) an email from us at the address associated with your Twitter account notifying…
