What is Multifactor Authentication & Why YOU Need it?

Lately, there’s been a lot of buzz about multifactor authentication, especially with Twitter. Multifactor Authentication refers to the requirement of two or more pieces of information needed before allowing access to a specific account.
Adding another step to authentication, it’s requiring the user to not only enter a password, but also input another piece or more of information. Many example include inputting a username and password, plus maybe a code or other piece of pertinent information each time at logon.
Although this is a good security method, by providing another barrier to entry, it will probably not prove perfect. But, at least it is something to get us by in security, till a more strengthened solution comes along. We just need to get rid of the weak password encryption we have now, and get something better.
What more can be done for password security? Highlight your input by commenting below. We’d love to hear about it!
With the Rise of Coding, Comes the Rise of Malware
I’m sure you might have read recent articles about how coding is going to be the ultimate skill in the coming years. Seems like this might as well be true, so it’s being pushed with the various online schools being developed (the list is getting exhaustive). With this huge rise of training comes a huge rise of smarter hackers and malware writers.
What is it about malware that seems so attractive? Money, fun, damage, etc.? We can get a glimpse of reality when we see the statistics on antivirus vendor websites, some say a million new samples are added weekly. Many of these issues arise out of the violence of society or the outward shame that is inflicted upon other people through the art of cyberbullying, hacking, and other threatening tasks.
What’s more is that when we study these aspects, we get a sense that most malware is targeting our wallets, stealing our identities. We need better protection. This is a call to someone who can make better, user friendly operating systems. If you know how to code or are training, please make sure to use it for good. You could in fact become a lot more rich making top security software than becoming a hacker – stealing and risking it all.
What’s better for you? Helping or hurting? Good wallet or prison time? Make your choice. Better humanity through an act of good will. Get out there and code for the good! Make a difference! BE THE DIFFERENCE!
Don’t be afraid to try new things. Set impossible goals. Shoot yourself into the future of technology and skyscrape the world over with your amazing new security software.
Something’s gotta give! And if something doesn’t happen soon, our threatening internet culture could begin to control us and steal our money. We’ll have a very unfair world by then. What if we impose CISPA? That’ll make a lot of people happy but also a lot of people mad.
What more can be helped for our cybersecurity problem? Feel free to comment and leave your suggestions.
Added Security for Twitter Users to Come Soon!

From spam to ham, Twitter deals with a lot of security issues on a daily basis. What about viruses/malware? I’m sure, yes. But, more importantly: account security. What do Twitter users need? Security assurance!
Therefore, Twitter is developing and perfecting a two-factor authentication method that will allow Twitter to not only ask for a password, but also a different credential to be sure of who is accessing your account.
From recent issues with Twitter accounts being hacked, it is best to have this in place, before it happens to other high profile organizations. Some of the recent organizations hacked were high profile including the Associated Press‘s account, CBS 60 Minutes account, and the BBC’s account.
Expect a shift in all online high profile websites switching to two-factor authentication. Apparently, it is the go-to emergency security solution.
Updated Details: Gozi Malware Back with More Money Stealing & Sophistication

It seems as if security firm, Trusteer, has identified a new variant of the Gozi financial malware. This one is more sophisticated and requires your attention. This new variant infects the Master Boot Record (MBR) on your computer — which is a boot sector software device that resides at the beginning of your hard drive that tells your computer how to boot up.
Just like TDL4, another MBR infector, this malware is hard to detect and remove. The main idea behind Gozi, though, is to wait for Internet Explorer to be launched on the victim’s machine, and malicious code is injected into the Process. This allows the malware to intercept web traffic, and inject its own code to webpages, misleading the user and collecting financial information (as well as social security numbers, birth dates, etc.).
Some speculate other developers have taken over, since apparently the main developer as well as accomplices were arrested not long ago. Looks like the new developers have a more sophisticated twist on the whole situation.
What’s different? The MBR rootkit component. This component makes the malware more sophisticated, because the removal of such threat can cause the computer to fail booting. The main problem at trying to fix infections in the MBR is that occasionally, the backup code that is placed in a different sector, is modified to not work when the infection locks in. This makes you have to keep it on the machine. However, it’s more effective to use private tools to help remove it.
One of the private tools, well sort of private, is the Kaspersky Rescue Disc. There are others that are available also, including TDSSKiller, which may or may not work out correctly.
If you need further help, we would love to assist. Please comment at any time!
Forty-Two (42) Whopping Security Holes Patched in Java

42 new security fixes are included for Oracle’s Java SE software. This new version with all security fixes included also includes a new feature to alert users of the dangers of running certain Java content.
Java 7 Update 21 was released yesterday (April 16, 2013) with all 42 bugs fixed. Most of the flaws are from exploits. Which means that visiting a hacked website can get you infected. Users running Java 6 are prompted to update to Java 7. However, Java 6 updates are still privately available (Update 45).
Anyway, the new update involves the introduction of newer security warnings as well as other message prompts. These are used for the web browsing environment to help users identify potentially risky content. See the image below for more information:
Java’s new features have been pretty continuous when Oracle finally realized last year that Java was getting to be an extremely insecure plugin. Java’s not so bad when it’s running an out-of-browser application, like a program or game.
The new version, now available on Java.com will bring the current version to Java SE 7 Update 21 and Java SE 6 Update 45. It is recommended to unplug your browser from Java, at least the main one, and only use Java Runtime Environment (JRE) in a lesser-used browser. Whenever you need to use a site that required Java, use it on your rare browser, so that you don’t get tripped up by ads or other exploit sites that try to access Java on your main browser.
Additionally, make sure to occasionally clear the Java cache, which will help prevent old temporary files for Java from loading. It’ll make the Java experience a bit better. This may also help remediate issues, if a Java application doesn’t run.