products:

Sorry,

there are no posts to show...


Helpful Resources

News:

Two-factor authentication is an immensely more secure option for securing your accounts than just using a password. The process has typically been as simple as putting in a spontaneously generated code that is provided to you via an app or SMS, in addition to your password. The extra time that it takes to fetch and type in the generated codes ensures that your account stays secure even if your password is compromised, offering an extra layer of account security. The extra time is also why astoundingly few people take advantage of two-factor authentication.

Introducing Google Prompt

Google just released Google Prompt, a new two-factor authentication method that allows you to give two-factor authentication security to your Google account with a mere tap on your personal device. There is no more need to generate and enter extra numbers or letters. When logging into your Google account, simply enter your password as usual and then you will see a prompt on your personal device. Tap approve and you will be logged in. Simple and strong security for your account.

It is important to note that this solution requires that your device be connected to the internet. Other cloud-based identity providers, such as OKTA, also have similar solutions for enterprise customers with options such as “mobile push authentication”.

 

Google_1.jpg

How to Enable Google Prompt

Before enabling Google Prompt, you will need to enable Two-factor authentication for your Google account. If you already have Two-factor authentication enabled for your account, you can skip to the next step.

Enable Two-factor Authentication:

  1. Go to the 2-Step Verification page. You might have to sign in to your Google Account.
  2. In the “2-Step Verification” box on the right, select Start setup and enter your password again.
  3. Now provide your phone number you want to use for authenticating, and choose either an SMS or phone call for verification, and click on ‘Try it.’
  4. Enter the 6-digit code from the SMS or phone call and select ‘Next.’
  5. For setting up two-step verification, click ‘Turn ON.’

Enable Google Prompt:

Google Prompt uses the Google Search app on iOS devices or the built-in Google Play app on Android devices. If you have an iOS device, start by downloading the Google Search app and sign into it with your Google account, if needed. If you have an Android device, you can simply update your Google Play app.

Once you have the latest Google Search app (for iOS) or Google Play app (for Android),

  1. On the 2-Step Verification page, select the option for ‘Google Prompt.’
  2. Select the device you’d like to enable
  3. Select ‘Try it.’ (Check out Google’s Help Center for more detailed information)

 

Google_2.jpg

 

Google Prompt is now enabled, giving you simple to use and strong security for your account.

Happy authenticating.

You may have heard all the buzz about Pokémon Go, Nintendo’s latest generation of games developed after the popular animated show from the 90’s, created as a mobile phone app. In people’s haste to download and install the latest and greatest, users are also falling victim to additional malicious apps disguised as tutorials or alternate versions of the game. As the app is only officially offered in the US, New Zealand, UK, and Australia, users in other countries are passing around Android Package Kit (APK) files in an attempt to play the game as well. However, users are required to “sideload” the app in order to download the APK which modifies their core Android security settings and allows their device to install applications from untrusted third-party sources.

Users have been cautioned against these illegal downloads as one of the popular APK files has been modified to install a backdoor known as DroidJack. DroidJack is a Remote Access Tool (RAT) that allows third parties to take remote control of a user’s device, record private conversations, read emails, browsing the history, and texts, and tracks the user’s physical location all without their knowledge. If a user has downloaded DroidJack on any device linked to their bank accounts, corporate/personal email, all that information is now available to untrusted third parties.

The threat of this malicious software is very real, as the security firm Proofpoint discovered the infected version of the app within 72 hours of the game’s launch in New Zealand and Australia on July 4th. To verify the version, malicious or not, of the app you have installed on your device, navigate to your Android device settings for Pokemon Go and scroll through the list of app permissions. If the version installed on your device has permission to directly call phone numbers, read/edit your SMS messages, record audio, read browser history, read/edit your contacts, read/edit call logs, and edit network connectivity, then you should wipe your device immediately. This is the only guaranteed method of removal from your device. Business leaders, especially those overseas, caution your employees about this application as the user base is not exclusive to any age group.

When working with CyberSheath, we will empower your organization against common threats such as these to effectively reduce risk through proper security and awareness training.

FAQs:

CyberSheath Blog

Dr. Robert Spalding to Address Nation-State Attacks at CMMC Con 2021

Since the inaugural CMMC Con, we’ve seen some of the most malicious attacks on American infrastructure ever executed. The SolarWinds attack reverberated across the entire government as agencies scrambled to discover what nation-state attackers had accessed and stolen. The Colonial Pipeline, shut down by a ransomware attack, led to fuel…

CMMCEnclave: Add Versatility with a More Flexible Approach

The enclave approach to CMMC compliance is one of the most cost effective and least disruptive ways to safeguard CUI. You can maintain high-value custodial security of CUI without upending your existing processes, procedures, and people. That way, you can maintain the proper level of CMMC compliance and remain eligible…

CMMC Con 2021 Opens Registration, Reveals Theme and Speakers

CMMC compliance stands in the way of revenue for every defense contractor in the supply chain. Now that CMMC is a reality for the Defense Industrial Base (DIB), learn how contractors — primes and subs, large and small, foreign-owned — are handling the standards and requirements, as well as the…

Our Trusted Partners

Cyberark McAfee Thycotic RSA Tenable Alien Vault Alert Logic Microsoft

CMMC Con 2021 is here! Save your spot to hear the latest on CMMC from our expert speakers across the government and Defense Industrial Base.