Cybersecurity

Cybersecurity Articles

Tips, insights, and alerts covering all things cybersecurity gleaned from the day-to-day and sources online.

Screenshot of the infographic for MFA Fatigue - Summary of content is in the article

Cybersecurity

Cyber Security Hygiene (Reactive) MFA Fatigue

Imagine this situation, you're in the middle of something important... perhaps a meeting or a lunch out and your phone just keeps constantly sending you "push" notifications asking you to approve a login. (Push notifications typically come from some sort of app on your phone like Duo or your banking app) It's becoming really annoying because they just won't stop! The only problem is, you're not trying to login to anything right now. What do you do now?

Sun, 2025-04-13 - 22:45

Screenshot of the infographic for multifactor authentication methods - Summary of content is in the article

Cybersecurity

Cyber Security Hygiene (Proactive) Multi Factor Authentication

The benefit of enabling multi-factor authentication is that even if someone manages to get your username (which in many cases is your email address) and your password, they still don't have enough information to access your account and since the 2nd factor is ideally something that you have in your possession or are (a bio-metric) such things are very difficult from a criminal to get!

Sun, 2025-04-13 - 20:29

Screenshot of the infographic for protecting other authentication methods - Summary of content in the article

Cybersecurity

Cyber Security Hygiene (Proactive) Protect Other Authentication Methods

For the most part we can all easily understand the importance of securing our usernames and passwords. However it can be easy to overlook all the other information that can sometimes be used to access our accounts. From your email and birth date to sometimes seemingly innocent reference numbers. It's just as important to secure this information as it is to secure your password.

Fri, 2025-04-11 - 16:15

Information page about password vaults/managers (details include in article content)

Cybersecurity

Cyber Security Hygiene (Proactive) Password Managers

If you follow the rather important good practice of having a unique password for every account. You will immediately be challenged by the sheer number of different credentials that will be needed to authenticate with all these accounts. With these many hundreds of credentials (passwords etc...) you wind up with in our modern lives, password vaults/managers are effectively an essential. They also provide a host of other useful features. In fact, once you get used to having one it will usually save you so much time, you'll wonder how you ever lived without one.

Wed, 2025-04-02 - 21:33

Information page about unique passwords/passphrases

Cybersecurity

Cyber Security Hygiene (Proactive) Unique Passphrases and Passwords

One of the single most important good cybersecurity habits is to use a unique password for every different account. While the concept is simple, the idea of using a unique password for every single account may seem daunting if you have never done it before. Keep reading for more information about why this is so important and how to do it without breaking your brain!

Mon, 2025-03-31 - 20:37

Information page about the Stop, Assess, Plan, Proceed protocol

Cybersecurity

Cyber Security Hygiene (Reactive) SAPP

Knowing what to do when something goes wrong can be just as important as working to prevent it. Anyone who has ever worked in any sort of first responder role (medical, fire fighting, or in my case Search and Rescue) will be familiar with the idea of following a well practiced protocol as a means to take appropriate action when an incident occurs. One of these protocols called SAPP (Stop Assess Plan Proceed) is just as applicable to a cyber security incident as it might be in the search and rescue context.

Mon, 2025-03-31 - 19:41

a cute puffy creature cradeled in the hands of a robot

Cybersecurity

Trust

Discussions about cybersecurity frequently include the word Trust. It may be stated on it's own or as part of other terms such as "Trust No-one" or "Zero-Trust" or "Trust but Verify"... I recently spent some time thinking about trust and how it relates to cybersecurity. The more I thought about it, the more I realized that a bit of a deep-dive into who we are trusting (or not trusting) was well worth the effort.

Tue, 2025-02-11 - 18:47

Cybersecurity

Invisible AI

The cybersecurity risks associated with AI/ML tools are slowly but surely being documented and communicated. People are starting to understand these risks and consider them. However as vendors rush to integrate AI into anything they can cram it into, even beer! It becomes far less certain if you may be using AI and not even know it.

Wed, 2024-03-27 - 08:39

News

Ransomware Before Christmas

'Twas the night before Christmas, when all through the house
Not a laptop was whirring, even those with a mouse;
The screens were all flashing with an eerie red glow
All Files Encrypted, All your secrets we know!

All the presents were nestled all snug in the sleigh
But poor Santa had no clue with whom they should stay.
After moving his list to a computer based tracker
It's all now encrypted, and in the hands of some hacker

Sat, 2023-12-16 - 10:57

Tech Tips

An ELK (or is that EEAK) that's An ELK not Anne Elk - as in the Elastic Stack on Ubuntu 22.04

After all the other network enhancements I have been working on, it was time to get some centralized logging going on. While I considered Logging Made Easy (LME) from CISA - this looked like just an abstraction on top of the ELK stack. Since I already had implemented that years ago, I elected for the latter and the die was cast.

Mon, 2023-12-11 - 21:56

Cybersecurity

Cybersecurity

Cybersecurity Articles

Social media

Additional resources