Author: Admin

Zero trust is a good cybersecurity platform, but experts suggest care to get it right and not disenfranchise users. Image: iStockphoto/milo827 Thanks to the pandemic, the zero trust cybersecurity model has come into its own. However, like most things concerning cybersecurity, zero trust has a good side, a bad side and an ugly side. Before we get into that, there is a need to agree upon what zero trust means, as there are many different…

Docker Bench for Security is a simple way of checking for common best practices around your Docker deployments in production. Jack Wallen shows you how to use this tool. Image: Docker One of the biggest issues surrounding container deployments is security. This is such an issue because there are so many moving parts to be checked. You might have your container manifests perfectly secure, but what about your host? Or maybe your host is sound,…

Police in Chicago have arrested a former track and field coach for allegedly soliciting sexually explicit images from female athletes under false pretenses.  Chicago resident Steve Waithe was arrested on April 7 and charged with one count of wire fraud and one count of cyberstalking.  Waithe attended Loch Raven High School, where he was the Maryland State Champion in the triple jump. From 2014–15, the 28-year-old competed on Penn State’s track and field team. Coaching positions at Illinois…

The number of suspicious unemployment-related emails targeting Americans rose by 50% after the third round of stimulus checks was announced in late February, according to new data from Tessian’s threat intelligence team. News of the phishing surge comes after the United States Department of Justice warned that fraudsters are creating websites mimicking unemployment benefit websites, including state workforce agency (SWA) websites, “for the purpose of unlawfully capturing consumers’ personal information.” Threat researchers found that during the week of February 24,…

A new supply chain attack made the headlines, threat actors compromised at least one update server of smartphone maker Gigaset to deliver malware. The German device maker Gigaset was the victim of a supply chain attack, threat actors compromised at least one server of the company to deliver malware. Gigaset AG, formerly known as Siemens Home and Office Communication Devices, is a multinational corporation based Germany. The company is most active in the area of communications…

Jack Wallen shows you how to install and configure FreeRADIUS as a centralized SSH authentication tool. Image: iStock/structuresxx You might have a large number of Linux machines in your data center, most of which are managed by a team of admins. Those admins probably use secure shell to access those servers. Because of that, you might want to use a centralized location to manage the authentication of those admins. For that, you can employ a…

Nearly two-thirds of Americans avoid using websites or accounts for which they have forgotten their password, according to new research published today by LastPass. The password manager and Vault app maker commissioned OnePoll to survey 2,005 Americans about their password habits.  According to LastPass, the results show that the “long-standing trend of poor password behavior persists despite increasing risks online.”  Almost two-thirds (64%) of survey respondents admitted that they would avoid visiting certain websites or accounts where they’ve forgotten their…