Tag: phishing

Authentication Best Practices to Protect Against Identity Phishing

Learn what strong authentication really is, why it’s key for enterprise-wide identity assurance.

Computer with multiple keyboards

Examining the CISO agenda in 2021

CISOs are paid to worry, and there’s a lot to worry about in 2021. The recent SolarWinds breach, the Capitol break-in, and a series of high-profile hacks are spurring many enterprises to re-examine their security strategies. We discuss what lies ahead with Yubico’s CISO, Chad Thunberg. Q: What’s top of mind for CISOs in 2021? The SolarWinds

Wrapping up 2020: A year where technology and internet security prevailed

Never has the world been more dependent on the internet, and never has it been more attacked than in 2020. In fact, it proved to be a year where trust in many of our systems was challenged. Yet I remain an eternal optimist and believe that we can transform the hard lessons learned in 2020

Improve your company’s cyber security training with top tips from a behavioral researcher

Today marks the final stretch of National Cyber Security Awareness Month (NCSAM), and for the final week, we decided to sit down with Sal Aurigemma, PhD, Associate Professor of Computer Information Systems at the University of Tulsa, to get his take on enterprise security training.  As with many other things that have been impacted by COVID,

Internet security myth-busters: Debunking 3 common misconceptions about two-factor authentication

October is National Cyber Security Awareness Month and this year, it comes at a time when we are using online services more than ever. The pandemic has forced many of us to almost entirely rely on our digital identities to work, shop, learn, and generally keep in touch, putting the resilience of authentication technologies to the test. 

Responding to the rising wave of social engineering attacks against remote workers

By now, it’s clear the pandemic has provided perfect conditions for many types of social engineering attacks. We’ve seen plenty of reports and warnings from the FBI, CISA, Interpol, and other reputable organizations about the growth in coronavirus-related attacks, from spear-phishing to vishing, ransomware, and more, as the world adapts to remote working and its associated risks.  In many ways, social

Minecraft or math lessons: which one could be the cause of your company’s next social engineering attack?

Your child’s math lesson is a clear and present threat to your company data, and believe it or not, their Minecraft addiction could very well be the cause of your next enterprise-grade social engineering attack. In the past few weeks, millions of children returned to online learning, and simultaneously — and perhaps unknowingly — your company’s cyber

Sep 30, 2020

How Modern Phishing Defeats Basic Multi-Factor Authentication

Two years ago, at the internet security conference Black Hat US, the Yubico team was invited to speak about how advanced phishing works and how FIDO authentication standards and YubiKeys can help mitigate these attacks. Today’s hackers increasingly hijack one-time use codes and push notifications during the brief window when they are valid, and the

Protect Remote Workers Against Account Takeovers

Learn how to secure remote workers, why MFA is a top requirement, and other best practices

YubiKeys: Securing an Existing Environment

We will cover the “why” behind YubiKey security including protecting against phishing attacks