Categories: Mataki na ashirin da

NCSC: shiga da kalmar sirri shine mafi rashin tsaro nau'i na tantancewa

Shiga tare da sunan mai amfani da kalmar sirri shine mafi rashin tsaro nau'i na tantancewa. Don haka ana shawartar ƙungiyoyin da ke son kare asusun su da kyau su zaɓi hanyoyin tabbatar da ƙarfi, kamar su tabbatar da abubuwa biyu (2FA) da ma'aunin FIDO2 daga FIDO Alliance. Cibiyar Tsaro ta Cyber ​​​​Center (NCSC) ta bayyana hakan a cikin sabon takaddar gaskiya mai suna "Gaskiya manya".

A cewar NCSC, asusun da ke da manyan gata a cikin tsarin, kamar asusun gudanarwa, suna ƙara kai hari. "Bisa wannan ci gaba, yana da matukar mahimmanci don kare asusun ta hanyar da ta dace. Ƙididdigar Tsaro ta Cyber ​​​​Netherlands 2021 ta amince da mahimmancin ingantaccen ingantaccen tabbaci kuma yana nuna cewa matakin barazanar rashin ingancin ingancin ya yi girma, "in ji sabis na gwamnati. Don haka yana ba da shawarar hanyoyin tabbatar da ƙarfi kamar 2FA.

Ba kowane nau'i na 2FA aka halicce su daidai ba. Misali, takardar gaskiyar ta faɗi cewa tantance abubuwa biyu ta amfani da SMS ko imel shine mafi ƙarancin tsari na 2FA. Mai hari zai iya satar lambobin shiga da aka aika ta imel ko SMS. Yin amfani da na'urorin halitta a matsayin na biyu na tsaro ba shi da sauƙi ga irin wannan harin, amma yana ƙarƙashin dokoki da ƙa'idodi na sirri kamar Babban Kariyar Kariyar Bayanai (GDPR), in ji NCSC.

Gwamnati ta kuma ba da shawarar bambance tsakanin asusu daban-daban dangane da hadarin da ke tattare da shi. Babban asusu mai tasiri, kamar na masu gudanarwa, suna buƙatar tsaro daban-daban fiye da, misali, asusun baƙo. Ƙungiyoyi za su iya rarraba asusun su zuwa ƙananan, matsakaici da kuma babban tasiri asusu bisa ga kimanta haɗari. Ana iya adana asusun ta hanyar da ta dace ta amfani da ƙirar balaga don tantancewa.

Har ila yau karanta
Masu fashin tekun Panda na kasar Sin suna zagin kai tsaye Log4j

A ƙarshe, takaddar gaskiyar tana ba da shawarar saita matsakaicin adadin izinin izinin shiga kowane raka'a na lokaci ga duk abokan ciniki. Bugu da kari, ya kamata ma'aikata su iya duba tarihin shiga su, ta yadda za su iya ganowa da bayar da rahoton ayyukan da ake tuhuma da sauri.

Max Reisler

Gaisuwa! Ni Max, wani ɓangare na ƙungiyar kawar da malware. Manufarmu ita ce mu kasance a faɗake game da haɓaka barazanar malware. Ta hanyar shafin yanar gizon mu, muna ci gaba da sabunta ku kan sabbin malware da hatsarori na kwamfuta, muna ba ku kayan aikin don kiyaye na'urorinku. Taimakon ku wajen yada wannan mahimman bayanai a cikin kafofin watsa labarun yana da matukar amfani a kokarinmu na kare wasu.

Share
Published by
Max Reisler
2 years ago

Recent Posts

Cire VEPI ransomware (Decrypt VEPI files)

Kowace rana mai wucewa yana sa harin ransomware ya zama al'ada. Suna haifar da barna kuma suna buƙatar kuɗi…

18 hours ago

Cire VEHU ransomware (Decrypt VEHU files)

Kowace rana mai wucewa yana sa harin ransomware ya zama al'ada. Suna haifar da barna kuma suna buƙatar kuɗi…

18 hours ago

Cire PAAA ransomware (Decrypt fayilolin PAAA)

Kowace rana mai wucewa yana sa harin ransomware ya zama al'ada. Suna haifar da barna kuma suna buƙatar kuɗi…

18 hours ago

Cire Tylophes.xyz (jagorancin kawar da ƙwayoyin cuta)

Mutane da yawa suna ba da rahoton fuskantar matsaloli tare da gidan yanar gizon da ake kira Tylophes.xyz. Wannan gidan yanar gizon yana yaudarar masu amfani zuwa…

2 kwanaki da suka wuce

Cire Sadre.co.in (jagorancin kawar da ƙwayoyin cuta)

Mutane da yawa suna ba da rahoton fuskantar matsaloli tare da gidan yanar gizon da ake kira Sadre.co.in. Wannan gidan yanar gizon yana yaudarar masu amfani zuwa…

2 kwanaki da suka wuce

Cire Search.rainmealslow.live browser hijacker virus

Bayan dubawa na kusa, Search.rainmealslow.live ya wuce kayan aikin burauza kawai. A zahiri browser ne…

2 kwanaki da suka wuce