an interesting situation with an email provider and the issues they are facing with the hijacking of customer mailboxes:
“I am sorry to hear that you were experiencing issues with email latency. We are working on making changes to resolve the issues with latency. In the meantime you may see peaks of latency. We are monitoring the servers and will clear blocked queues as they arise. These traffic jams are caused by hackers hijacking our customers mailboxes that have weak passwords. We have setup automatic suspensions to stop these mailboxes faster. We are recommending to all of our customers to make passwords as secure as possible to help prevent this issue.”
With the negative effects on their customers you have to wonder if they are supporting encrypted communications to their POP3 and SMTP servers. It seems with this provider they were still using clear-text ports 110 and 25 respectively. What they think is protecting their servers are strong passwords…but what good is a “strong password” if it’s being sent to their mail servers in the clear? When checking their password complexity rules:
“Passwords must be 8-14 characters, with at least one letter, plus one number or special character [!@#$%^&*]”
It is amazing to think that a password such as “Password1″ would be enough to be considered strong. With email being a very weak link in many organizations it is alarming to see that this is considered secure. Many providers are operating with a false sense of security which is not disclosed to their customers. What is your email provider using?
Price vs Cost: One Man’s Opinion
Mon, Mar 3rd 2014 3:14p Rob Bellefeuille With the economic state of the country, you always hear folks talking about the price of an item or how much it cost them. Being in the security industry and a home owner, I can identify with the struggles that come with sticking to a budget and finding a solution.
However, with security it can truly be a gamble that all too often plays out in a negative way. One comparison we threw around a lot here in the office is a home security system. You constantly see on the news or hear from others sto [read] Keywords: office
Wed, Feb 26th 2014 10:15a Liana Lichtenwalner Hailstorms are a threatening phenomenon that can sometimes turn fatal. Hailstones can range from a ¼ of an inch to 7 inches in size, causing severe damage to anything in their path. Attacking hackers, in many ways, are like hailstorms when there is a breach in security, leaving extensive damage.
Lately, Cyber security has been on the minds of many people, and with many security breaches at major companies placing personal data at risk, it is no wonder. A recent study done by the Ponemon Insti [read] Keywords: application
Data Breach on Campus: Over 300,000 Exposed at University of Maryland
Fri, Feb 21st 2014 12:14p Rob Bellefeuille This week the University of Maryland came forth with an announcement that their campus data base had been breached, exposing sensitive information for over 300,000 students and faculty. The data breach comes on the heels of many other similar data breaches at retailers across the US including Target, Neaman Marcus, and Michaels Craft Stores.
According to a letter from University of Maryland President, Wallace D. Loh on February 19, 2014; “A specific database of records maintained by our IT D [read] Keywords: database
Government Surveillance, Time to Reform?
Mon, Feb 17th 2014 11:11a Chief Content Writer There has been a recent push back against the government claiming that they are impeding on the privacy rights of users. Eight companies, including AOL, Apple, Facebook, Google, LinkedIn, Microsoft, Twitter, and Yahoo, co-authored a letter to President Obama stating their concerns. In this letter, the major companies broached the issue of the global interference with users’ internet accounts and discussed the fact that governments do indeed need to protect their citizens but not at the cost of [read] Keywords: apple
To E-File or Not to E-File
Mon, Feb 10th 2014 1:11p Liana Lichtenwalner While Shakespeare is better known as an excellent playwright, vivacious actor, and sublime constructor of the English language, he also has a not-so-well-known, historical record for tax evasion, hoarding, and the selling of grain at atrocious prices during years of famine. Although we are not here to discuss the moral ethics of Shakespeare, we should ask ourselves “to e-file or not to e-file.”
As the season for filing your taxes approaches and with many already waiting for their returns, [read] Keywords: policies
Bugged- A Glitch in Google Voice Recognition
Fri, Jan 31st 2014 9:11a Liana Lichtenwalner Bugged and tapped conversations have been used throughout history by all kinds of people from allies to enemies, heroes to villains, and detectives to outlaws. History would tell quite a different story if bugged conversations did not exist, but what about your own conversations? Could your computer microphone be the bug in your home or office? Unauthorized sites could be using a glitch in Google Chrome’s voice command to record your private conversations right from your own computer, compromi [read] Keywords: bug
World’s Largest Beverage Company Compromised
Thu, Jan 30th 2014 12:11p Rob Bellefeuille The importance of encrypting data has become more prevalent with recent data breeches at retail stores and social networking sites. The latest company to join the list of offenders or victims, depending on how you look at it, is Coca-Cola.
Last week the Wall Street Journal (WSJ) reported that Coca-Cola had exposed a security breech from within their own company, compromising the personal information of about 74,000 North American employees and contractors.
The breech was due to a few laptops bei [read] Keywords: network
Hacking Your Way to Love
Thu, Jan 23rd 2014 1:11p Rob Bellefeuille In this blog, we certainly do not condone hacking in any manner. However, this morning there was a hacking love story that popped up in my newsfeed regarding OK Cupid, a hacking of a different kind on an online dating website. Using mathematics, Chris McKinlay cracked OK Cupid’s algorithm for selecting a mate.
The way that OK Cupid works its magic is by asking specific questions with different levels of importance on each topic. The questions asked by OK Cupid can range from, if the person [read] Keywords:
Identifying Authentication Challenges in Education: A look within our clients
Wed, Jan 22nd 2014 1:11p Rob Bellefeuille Recently, while looking through our customer base, we noticed a very interesting trend within our post-secondary education clients. Once we recognized this trend, we wanted to take a moment and identify this top issue and look at some of the reasons why this could be so?
We identified that the most common hurdle that our clients are facing within the education industry is account lockouts, a.k.a. self-service password reset (SSPR).
When looking at the grand scheme of things, this is not really a [read] Keywords: apple