Evernote Security Breach Announcement Includes One (Big) Stumble

You've heard by now that Evernote had a major security breach and is forcing its customers to reset passwords... 50 million accounts. What you may not have realized is that Evernote's email announcing the problem - a much more transparent and prompt response to the issue than most of the tech giants who preceded them down this path - included what looked like a spoofed link to a password-reset page. I learned about this Saturday when a tech friend provided a heads-up re the discrepancy. I wondered out loud if someone was already using the outage as a phishing attack. But no, the odd link came from Evernote's email marketing firm. …continue reading →

Beefing Up Facebook Security: How To Set Up Two-Step Verification

FacebookOne way to make it harder for bad guys to access your online accounts is to require more than a username and password to access an account. Google uses a two-step verification process tied to account credentials and your mobile phone. So does Facebook. And as Alex Howard points out, security has always been important but events are conspiring to suggest just how important. Learn how to set up two-step verification on your Facebook account. Important for anyone, the higher your public profile, the more important. This means journalists, professors engaged in public scholarship (especially when controversial), celebrities (authors, musicians, actors, directors, models, athletes ....), politicians (of all stripes, elected or candidate), political appointees, judges and high profile lawyers ... anyone who manages a Facebook page for someone else ...  the list goes on. …continue reading →

Attn: WordPress Installs On MediaTemple

Looking For A New Host

The Wordpress installation at motogrrl.com/blog was infected with malware from http://oeooea.com on Friday. The Media Temple support page (Wordpress redirect exploit) has not been updated to reflect this new vector, even though Sucuri.net posted an alert on 3 September 2010 and another Media Temple customer used Twitter to alert the public to the problem on 31 August 2010. …continue reading →