Tag

Multi-Factor Authentication

Posts tagged with multi-factor authentication explain how layered identity verification strengthens access security. Coverage includes MFA implementation strategies, authenticator app comparisons, hardware token options, and best practices for deploying MFA across enterprise environments.

posts

Work From Home Cybersecurity

Work From Home Cybersecurity: A Practical Defense Guide

Your Remote Workforce Is Your Largest Attack Surface In March 2023, the FBI's Internet Crime Complaint Center (IC3) reported that losses from cybercrime exceeded $10.3 billion in 2022 — a 49% increase from the year before. A massive chunk of those losses traced back to compromised remote workers.

Carl B. Johnson Nov 26, 2023 7 min read
Securing Remote Employees

Securing Remote Employees: A Practical 2023 Guide

In August 2023, a single remote employee at a casino and entertainment company fell for a social engineering call. That one mistake gave threat actors the keys to MGM Resorts' entire kingdom — an attack that cost the company over $100 million in damages according to their SEC filing. The

Carl B. Johnson Nov 26, 2023 7 min read
VPN Best Practices

VPN Best Practices: What Actually Protects You in 2023

In May 2023, Barracuda Networks disclosed that a zero-day vulnerability in its VPN appliances had been actively exploited since October 2022 — giving threat actors seven months of undetected access to customer networks. CISA issued an emergency directive. The patch wasn't enough; Barracuda told customers to physically replace compromised

Carl B. Johnson Nov 26, 2023 7 min read
Remote Desktop Security Risks

Remote Desktop Security Risks That Breach Networks Daily

In September 2023, the FBI and CISA issued a joint advisory warning that the Play ransomware group had compromised over 300 organizations — and their most common initial access vector was exposed Remote Desktop Protocol. That's not a sophisticated zero-day exploit. That's a login screen sitting wide

Carl B. Johnson Nov 26, 2023 7 min read
Cloud Security Best Practices

Cloud Security Best Practices That Actually Stop Breaches

A Single Misconfigured S3 Bucket Exposed 3 Billion Records In early 2023, independent security researchers discovered yet another wave of publicly exposed Amazon S3 buckets leaking sensitive customer data — healthcare records, financial documents, personally identifiable information. None of these organizations were hacked in the traditional sense. They simply got their

Carl B. Johnson Nov 03, 2023 7 min read
Securing Cloud Applications

Securing Cloud Applications: A Practical Field Guide

The $65 Million Misconfiguration Nobody Saw Coming In March 2023, Toyota disclosed that a cloud misconfiguration had exposed vehicle data on 2.15 million customers for over a decade. A single cloud storage bucket, left publicly accessible, quietly leaked data from 2012 to 2023. Nobody noticed for ten years. That&

Carl B. Johnson Nov 03, 2023 7 min read
Cyber Hygiene Checklist

Cyber Hygiene Checklist: 12 Steps That Actually Work

In March 2023, the FBI's Internet Crime Complaint Center reported that Americans lost over $10.3 billion to cybercrime in 2022 — a 49% increase from the year before. The uncomfortable truth? Most of those losses trace back to failures in basic security practices, not sophisticated zero-day exploits. A

Carl B. Johnson Jun 08, 2023 7 min read
Credential Stuffing Attack

Credential Stuffing Attack: How to Stop It Cold

23 Billion Stolen Credentials Are Already For Sale In January 2023, cybersecurity researchers at Digital Shadows reported over 24.6 billion stolen username-and-password pairs circulating on dark web marketplaces. That's roughly three credentials for every person on Earth. And every single one of them is a loaded weapon

Carl B. Johnson Jun 06, 2023 7 min read