In the wake of all of the breaches that we read about on an almost daily basis, large companies have begun to take the cybersecurity threat seriously. While they are far from perfect, far from secure, they are way more secure than they were even 5 years ago. What that means is that big businesses […]
Continue reading → [DISPLAY_ACURAX_ICONS]Security. Convenience. Pick one! That is my forever mantra. Now we are finding out that when you login to your favorite site using “Login with Facebook” your data is exposed to third parties. Nice. According to research from “Freedom to Tinker” at Princeton, when a user logs in using Facebook’s API, Javascript on the site […]
Continue reading → [DISPLAY_ACURAX_ICONS]FDA Begins Process to Change Patching of Medical Devices The Food and Drug administration is beginning to understand that their 19th century strategy that requires manufacturers to recertify their products every time they apply a patch only leads to the devices being hacked – which they are being, regularly. They have also asked Congress for […]
Continue reading → [DISPLAY_ACURAX_ICONS]For those of you who have been reading my blog for some time, you know that I have written about the software supply chain security problem. In a nutshell, the problem is that programmers rarely write code from zero anymore. Instead teams write pieces of code and integrate it. Then there is limited testing due […]
Continue reading → [DISPLAY_ACURAX_ICONS]There is a term in the cyber security world called dwell time. Dwell time is the amount of time between the time an attacker breaks in and the good guys figure that out. In 2011 the average dwell time was over 400 days. According to a just released Mandiant report, that number is now only […]
Continue reading → [DISPLAY_ACURAX_ICONS]Google has a interesting strategy. Build prototypes of products. Show them or leak them. See if anyone cares. Kill them if it doesn’t work out – there are lots of examples. After many users are already using them. One other thing that they do is attempt to lock users into the Google ecosystem. Of course. […]
Continue reading → [DISPLAY_ACURAX_ICONS]