The IRS is changing from using a homegrown userid and password based authentication system to a third party single signon type of system run by ID.ME. Given that the IRS doesn’t have a great track record for security, your first inclination might be “can’t be any worse than what they had before”. The short version […]
Continue reading → [DISPLAY_ACURAX_ICONS]As times change and as a function of the pandemic response, governments are trying to deliver more services online. Unfortunately, governments rarely get to hire the best or the brightest software developers or security architects because they cannot match what the private sector can offer. Auth0 recently released the findings of its Public Sector Identity […]
Continue reading → [DISPLAY_ACURAX_ICONS]Law enforcement has been trying since at least the 1990’s when they jailed and tried to convict Phil Zimmerman for creating an open source encryption program called PGP, to put the encryption genie back in the bottle. The problem is that encryption is math and math doesn’t care about politics. If some governments were to […]
Continue reading → [DISPLAY_ACURAX_ICONS]Hackers Sending Malware Filled USB Sticks in the Mail Old, tried and true techniques continue to work as hackers have been sending malware-filled USB sticks in the mail and UPS to defense, transportation and insurance companies, hoping someone did not do their security awareness training and plugs the drive into their computer. It just shows […]
Continue reading → [DISPLAY_ACURAX_ICONS]Actually, they just used New York as an example, but the researchers literally melted the copper power lines. Once the power lines were vaporized, well, there was no more power. The good news is that this was just a demonstration, but definitely a scary one. Worse yet. The device the team hacked – it was […]
Continue reading → [DISPLAY_ACURAX_ICONS]As hackers become smarter, generate more and more effective attacks and users continue to work from almost anywhere, IT teams have to get smarter about effective endpoint security. This is going to take a layered approach. This includes moving towards zero-trust. Here are some recommendations. Signature and heuristic-based detection – this is what most traditional […]
Continue reading → [DISPLAY_ACURAX_ICONS]