<img height="1" width="1" style="display:none;" alt="LinkedIn" src="https://dc.ads.linkedin.com/collect/?pid=239833&amp;fmt=gif">

Recent Posts

Taco Subscription, Passwordless Accounts, and a lot of bugs

Posted by Griffin Ball on Sep 24, 2021 11:00:00 AM

The Lighthouse IT Podcast - September 24th, 2021

This week, Matt & Griff discuss Taco Bell's subscription service, Microsoft's work hour study, a universal decryptor for old versions of REvil/Sodinokibi, Microsoft accounts going passwordless, and National Cybersecurity Awareness Month is here!

Listen here!

Read More

Topics: Office 365, Internet Safety, Ransomware, Cybersecurity, Multi-factor Authentication, Malware, Podcast, WiFi

More Ban News, Gift Card Gang, Cyber Attacks, Blockchain art & more!

Posted by Griffin Ball on Sep 10, 2021 11:00:00 AM

The Lighthouse IT Podcast - September 10th, 2021

This week, we discuss OnlyFans making our last podcast outdated before we even released it, China placing bans on online gaming, the latest developments and threats to cyber-security, the Gift Card Gang, and the NFT from Vine co-founder Dom Hofmann. Also, we promise that this is relevant.

Listen here!

Read More

Topics: Office 365, Internet Safety, Ransomware, Cybersecurity, Multi-factor Authentication, Malware, Podcast, WiFi

Cyber Security Essentials

Posted by Mark Nash on Oct 23, 2020 11:00:00 AM

Continuing the discussion on cyber security during this year's National Cybersecurity Awareness Month (NCSAM), we will be talking about the Cybersecurity and Infrastructure Security Agency’s (CISA) list of cyber security essentials.

There are three specific actions that CISA recommends all people take. 

1. Backup your data

First of these actions is to make and keep regular backups of your data. In the unfortunate event of a device malfunction or if a malware attack renders your data inaccessible, having backups can change the scenario from disastrous to inconvenient. You can read more about backups here.

Read More

Topics: Network Risk Assessment, Internet Safety, Backups, NCSAM, Cybersecurity, Multi-factor Authentication

Flaws in Apple sign-in, Upgrading to Android 10, and Core Web Vitals

Posted by Griffin Ball on Jun 5, 2020 10:59:49 AM

The Lighthouse IT Podcast - June 5th, 2020

Matt and Griffin are back as they discuss how Sign-in with Apple was much easier than we all thought, why it may be a good reason to upgrade to the dreaded Android 10,  and what updates Google has been making to the world of SEO.

Listen here!

Security News  

Apple Security News 

We’ve all used the log-in service on a website or app by supplying our Facebook or Google credentials. Just like these providers, the sign-in with Apple allows site visitors to use their Apple ID credentials to sign-in to other websites. 

A security research from Delhi, India has discovered an account takeover flaw in Apple's Sign-in with Apple system. These systems work by allowing you to login to a popular service and receiving a "token" that authorizes you access to the websites that use the login service. 

The security researcher discovered if he could identify a valid email address of an Apple ID (which was openly contained in an initial login request), he could pass the email address to a publicly accessible web service and retrieve a valid token. No password was required to do this. 

Luckily, because of the bug report being completed properly, Apple was able to very quickly patch the open flaw and states that its investigations did not show any misuse or compromise. Which is good news for services such as Adobe, Airbnb, Dropbox, eBay, Grindr, Medium, Strava, Tik Tok, and even WordPress that utilize this log-in method. 

READ MORE

Read More

Topics: Managed Service Provider, Internet Safety, SEO, Cybersecurity, Multi-factor Authentication, Malware, Podcast