If you have tried to hire any cybersecurity talent recently, you know that experienced folks are hard to find, hard to keep and expensive. That is why we offer the virtual Chief Information Security Officer program. But if you are the federal government and you have hundreds of agencies and millions of employees – not […]
Continue reading →
[DISPLAY_ACURAX_ICONS]
When phishers attack users, they typically try to steal your credentials – your userid and password. If you are one of the small percentage of users that religiously use two factor authentication (Google says that 90% of GMail users do not use two factor authentication), these password thefts do not help a hacker unless they […]
Continue reading →
[DISPLAY_ACURAX_ICONS]
Here is the punch line. Automotive cybersecurity incidents doubled in 2018 and are up 605% since 2016. That doesn’t seem that safe to me. Here are some statistics from Upstreams 2019 automotive cybersecurity report: 330 million vehicles are already connection and top brands in the US say that they will only sell connected vehicles this […]
Continue reading →
[DISPLAY_ACURAX_ICONS]
Starbucks Leaves Their API Key in a Public Github Repository Vulnerability hunter Vinoth Kumar found a Starbucks API key in a public Github repo. The flaw was set to CRITICAL after they verified that the key gave anyone access to their Jumpcloud (An AD alternative) directory. The problem was reported on October 17th and it […]
Continue reading →
[DISPLAY_ACURAX_ICONS]
No, I am not kidding. Currently, your Social Security Number is effectively a national identifier. Except when it is not allowed to be used. In many healthcare situations, they use first and last name plus birth date. Apparently, however, that is more than a bit error prone. This has led to treatment errors and medication […]
Continue reading →
[DISPLAY_ACURAX_ICONS]