Skip to content
Glock Enterprises
  • Welcome
  • Blog
  • Resources
  • Support

Technology

Great 5G features that also make it the most vulnerable cellular network

8th October 20198th October 2019 peterglock

The good news is that 5G is software based so can be updated. The bad news is that 5G is software based so is easier to hack…: […] Unlike previous […]

 Technology  Glock Takes Stock

WatchGuard releases cloud-based service to automatically block phishing attempts

7th October 20197th October 2019 peterglock

I sat next to a security manager for an academic institution in Latvia last week and asked him what he was doing to protect his network seeing as he had […]

 Be Aware, Technology  Glock Takes Stock

Europe’s tech enforcer lost legal battle, not political war

25th September 201925th September 2019 peterglock

This may set the tone for the next 5 years of tech development in Europe so worth watching…: Margrethe Vestager had a rough patch in court. But Europe is far […]

 antitrust, Artificial Intelligence, Big Data, Digital Business, Mobile, PoliticoEU, tax, Technology  Glock Takes Stock

Dear network operators, please use the existing tools to fix security

23rd September 201923rd September 2019 peterglock

Using the public internet for mission-critical workloads? Time to make sure plan B is in place…: […] The BGP standard includes so-called Resource Public Key Infrastructure (RPKI) Route Origin Authorisations […]

 Technology, ZDNET  Glock Takes Stock

Margrethe Vestager’s second chance

19th September 201919th September 2019 peterglock

Interesting profile of this powerful lady. She’s been trying very hard to rein in Big Tech, but with little effect so far…: Call it the paradox of Margrethe Vestager. Europe’s top […]

 antitrust, Artificial Intelligence, Banking, data, development, Digital Business, Investment, PoliticoEU, regulation, social media, tax, Technology, trade  Glock Takes Stock

Say hello to 802.11ax: Wi-Fi 6 device certification begins today

17th September 201917th September 2019 peterglock

I have an ancient Wifi setup in my home/office using a mix of kit from Netgear, Apple, Sky, BT…some of it more than 10 years old. This might give me […]

 Ars Technica, Be Aware, Tech, Technology  Glock Takes Stock

‘Smart cities’ are growing faster than IT officials can secure them

17th September 201917th September 2019 peterglock

Mayor: Give me the shiny stuff, now CIO: Sure, but I’ll need a gazillion % increase in budget Mayor: …   […] “We talk about the bright, shiny objects and […]

 Technology  Glock Takes Stock

Microsoft pushes back end of support for Exchange Server 2010 by nine months

17th September 201917th September 2019 peterglock

If you’re running workloads on (very) old versions of Windows platforms, there’s a little bit of pressure relief in this announcement. Microsoft would very much like you to move to […]

 Technology, ZDNET  Glock Takes Stock

Red Cat Partners with GoChain for Blockchain-Based Drone Data Storage, Analytics, and Services …

12th September 201912th September 2019 peterglock

Today’s winners of the BS Bingo competition. It only needs the inclusion of ‘AI’ and ‘Quantum’ to sweep all before it…: […] Red Cat developed the industry’s first blackbox flight […]

 Technology  Glock Takes Stock

Android 10: All the new features to expect from Google’s latest operating system

3rd September 20193rd September 2019 peterglock

The one feature I’d really like to see is some way to educate users not to download apps without thinking “Do I really need this?” and “Do I trust this?”…: […]

 Be Aware, Technology  Glock Takes Stock

Posts navigation

← Older posts

Recent Posts

  • Should I be worried about MFA-bypassing pass-the-cookie attacks?
  • Cyber security labelling scheme expanded to include all smart home devices
  • 2021: The Year We Kick the Dogs Off the Internet
  • Ongoing ransomware attack leaves systems badly affected, says Scottish environment agency
  • Stolen Employee Credentials Put Leading Gaming Companies at Risk of Severe Cyber Attacks

Get in touch

Email: [email protected]


View Glock Enterprises Ltd profile on Ariba Discovery

Data Protection Register

Registered with the ICO: ZA494319

About

Glock Enterprises Ltd. Registered in England & Wales No. 11183883

VAT No: GB 361 2795 89

All content (c) Glock Enterprises Ltd 2020

Pages

  • Blog
  • Privacy Policy
  • Resources
    • Free Trial – Private Threat Intelligence
    • White Paper: Building a Business Case for Cybersecurity Asset Management
    • White Paper: Cyber Deception – Migrating to an alternative platform
    • White Paper: Hunting for Threats in Operational Technology
    • White Paper: Internet Connected Storage
    • Whitepaper: 5 Steps to Building a Threat Modelling Program for AWS
    • Whitepaper: Coping with a flood of Data Subject Access Requests
  • Services
  • Support
  • Welcome

The Latest from Facebook

Glock Enterprises Ltd

7 hours ago

Glock Enterprises Ltd
Should I be worried about MFA-bypassing pass-the-cookie attacks?TL;DR Yes. Time for a cookie review and a bit of user education otherwise the effort of moving to multi-factor authentication will have been wasted...:[...] “Thinking that MFA magically makes you unhackable is even more dangerous than not using MFA. Unfortunately, most MFA implementers and certainly most users don’t understand this. For example, I can send anyone a phishing email and get around their MFA solution and if you don’t know that, you might not pay as much attention to what URL you’re clicking on.”[...]Cerberus Sentinel’s Espinosa said: “The way to mitigate the MFA pass-the-cookie vulnerability is with better cookie management and better user training.“Specifically, cookies should be set with a short lifespan and should be for a single session, so when the browser is closed, the cookie is voided. Users should be trained to log off the web application and close their browser after they are done using the web application. Many users never logoff or close a browser – this increases risk.“The bottom line is there is no single way to fix the pass-the-cookie problem, unless you force a user to reauthenticate more frequently for different web application functionality. This diminishes the user experience though,” he said.[...]Original article buff.ly/360rdLU ... See MoreSee Less

Photo

View on Facebook
· Share

Share on Facebook Share on Twitter Share on Linked In Share by Email

Proudly powered by WordPress | Theme: Moesia by aThemes