720-891-1663

Security News for the Week Ending December 10, 2021

NEW LOG4J JAVA LIBRARY ZERO-DAY IS BEING EXPLOITED IN THE WILD A proof of concept for a zero-day vulnerability in the very popular Apache Log4j Java library is being shared online. Log4j is used both in enterprises and in cloud services. Products from Apple, Amazon, Twitter and Steam, among others may be vulnerable to remote […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Lloyd’s Tries to Define Acts of Cyberwar

Or at least standardized policy language on the subject. Cyber insurance policies have always had language excluding “hostile and warlike actions”, whatever the hell that means. What it means is full employment for lawyers. And a long time before you get paid. The Lloyd’s Market Association, the syndicate that drives Lloyd’s backed policies, has created […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Security News for the Week Ending December 3, 2021

Australia Proposes Law To Force Online Platforms to Disclose User Info Australia plans to introduce legislation that will force social media companies to either take down posts that people don’t like or hand over their user’s information. This isn’t law yet, but I can easily see how this will be gamed. This comes in the […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Defense Contractors Highly Susceptible to Ransomware Attacks

Security firm Black Kite says that 20 percent of America’s largest 100 defense contractors are highly susceptible to a ransomware attack. Why do they say this? Nearly 43% of federal defense contractors have out-of-date systems, giving them a D+ rating for patch management. 42% of contractors have had at least one credential compromised in the […]

Continue reading → [DISPLAY_ACURAX_ICONS]