Archive
-
Examining the CISO agenda in 2021CISOs are paid to worry, and there’s a lot to worry about in 2021. The recent SolarWinds breach, the Capitol break-in, and a series of high-profile hacks are spurring many enterprises to re-examine their security strategies. We discuss what lies ahead with Yubico’s CISO, Chad Thunberg. Q: What’s top of mind for CISOs in 2021? The SolarWinds […]
Read more -
What is Spear Phising?
Spear phishing definition Spear Phishing is an attack that targets an individual, organization or business. Rather than taking the phishing approach of a shotgun blast email to many people at once, spear phishers will first gather personal or specific information. That information is used as bait that might be especially attractive to a particular target. […]
Read more -
Wrapping up 2020: A year where technology and internet security prevailedNever has the world been more dependent on the internet, and never has it been more attacked than in 2020. In fact, it proved to be a year where trust in many of our systems was challenged. Yet I remain an eternal optimist and believe that we can transform the hard lessons learned in 2020 […]
Read more -
What is DNS Spoofing?
What is a DNS Server? To start out, a DNS server is a sort of classification system for domains on the internet. If a user is searching for yubico.com, the job of the DNS is to go out and find the IP address for that domain so the user can access the correct site. How […]
Read more -
What is a Brute Force Attack?
What are the goals of a brute force attack? The ultimate goal of a brute force attack is to steal password and login credentials to gain access to online accounts. After an attacker gains access it doesn’t stop there. They may use accounts to send out spam or phishing messages to other users. Another action […]
Read more -
Credential Stuffing
What are examples of credential stuffing?
Read more -
What is DFARS?
DFARS DFARS stands for Defense Federal Acquisition Regulation Supplement. The Department of Defense uses it to protect confidential information. Why is DFARS implemented? Government employees and contractors are likely to be targeted by hackers and nation-states, so authentication solutions need to be resistant to phishing and account takeovers, and comply with federal regulations. DFARS provides a […]
Read more -
What is phishing?
What is Phishing? Phishing is the fraudulent practice of inducing people to reveal sensitive personal information such as credit card numbers and passwords. Phishing attackers send what appear to be legitimate communications by text, email, or other electronic communication from reputable companies and other trustworthy entities to lure users to phishing websites. These professional-looking sites […]
Read more -
Enable secure privileged access management
Zero account takeovers with the YubiKey Privileged users are the most highly targeted users by cyber attackers as these users hold higher ‘privileges’ to critical and sensitive applications and data. These could be IT, security, network and database admins, as well as C-suite, HR, finance and marketing employees. Securing privileged users across both IT and business […]
Read more -
Improve your company’s cyber security training with top tips from a behavioral researcherToday marks the final stretch of National Cyber Security Awareness Month (NCSAM), and for the final week, we decided to sit down with Sal Aurigemma, PhD, Associate Professor of Computer Information Systems at the University of Tulsa, to get his take on enterprise security training. As with many other things that have been impacted by COVID, […]
Read more