The Lighthouse IT Podcast - July 10th, 2020

Matt and Griffin discuss how Microsoft estimates that the global workforce will add 149 million new tech-oriented jobs by 2025, Free/Easy DNSSEC Upgrades for your site, Google's one year SSL certificates, Google testing feature to hide parts of the URL in Chrome’s address bar, and Reddit and Pinterest, It’s Time to Shine.

Listen here!

It's been some time since lockdowns were in place and businesses have now begun to re-open. With all the negative news that had been floating around, we have some perks coming from lockdown. Microsoft estimates that the global workforce will add 149 million new tech-oriented jobs by 2025. The job industry is shifting to roles that can be completed remotely. Other studies are showing that the automation space is expected to grow handily as well as remote workers are needing better workflows that rely less on manual and physical processes.

The Lighthouse IT Podcast - June 19th, 2020

Matt and Griffin discuss Breachstortion, reading sound waves through a telescope pointed at a light bulb, Facebook's new email marketing initiatives, and Burger King Brazil's new 'Lockdown Whopper'!

Listen here!

Security News

First there was Sextortion, now there's Breachstortion.

The Lighthouse IT Podcast - June 5th, 2020

Matt and Griffin are back as they discuss how Sign-in with Apple was much easier than we all thought, why it may be a good reason to upgrade to the dreaded Android 10,  and what updates Google has been making to the world of SEO.

Listen here!

Security News  

Apple Security News 

We’ve all used the log-in service on a website or app by supplying our Facebook or Google credentials. Just like these providers, the sign-in with Apple allows site visitors to use their Apple ID credentials to sign-in to other websites. 

A security research from Delhi, India has discovered an account takeover flaw in Apple's Sign-in with Apple system. These systems work by allowing you to login to a popular service and receiving a "token" that authorizes you access to the websites that use the login service. 

The security researcher discovered if he could identify a valid email address of an Apple ID (which was openly contained in an initial login request), he could pass the email address to a publicly accessible web service and retrieve a valid token. No password was required to do this. 

Luckily, because of the bug report being completed properly, Apple was able to very quickly patch the open flaw and states that its investigations did not show any misuse or compromise. Which is good news for services such as Adobe, Airbnb, Dropbox, eBay, Grindr, Medium, Strava, Tik Tok, and even WordPress that utilize this log-in method. 

READ MORE

The Lighthouse IT Podcast - May 22nd, 2020

This week, Matt and Griffin focus on reviewing topics that continue to appear in all industries, as well as specific ones. Since digital security impacts everyone, if you’re not careful, you could end up being the direct link to a company-wide hack! But on a more positive note, how are marketing and sales efforts looking as businesses begin to reopen and how can we make use of sales tools to hit that bullseye for our goals this year?

Listen here!

Security News  

CISA & FBI public service announcement

No surprise to the security industry, but COVID-19 infections reach far beyond infecting people...  On May 13th, CISA and the FBI issued a public service announcement warning organizations researching COVID-19 that they will likely be the targets of attempted network compromise by the People's Republic of China and is recommending companies in these sectors to take additional precautions and report suspicious activities to CISA. 

READ MORE