Last week I wrote about 4 different cases where courts are moving in the direction of making it easier for plaintiffs to sue companies in case of a breach. Now we have another situation. In the past, judges have approved settlements that only made the lawyers rich. The plaintiffs sometimes got, literally, nothing. That is […]
Continue reading → [DISPLAY_ACURAX_ICONS]Text Messaging for Two Factor Authentication is Under Attack We have talked on occasion about a basically theoretical attack against text messages as the second factor for authentication. It is likely that the feds know more than they are telling us about that since the National Institute of Standards and Technology has deprecated the use […]
Continue reading → [DISPLAY_ACURAX_ICONS]GoDaddy has an interesting feature. If a hacker creates a FREE GoDaddy account they can and have created a whole bushel of mischief. If you have a free account, you can use GoDaddy’s managed DNS service for free for a limited amount of time. Only problem is that GoDaddy didn’t validate that you owned the domain […]
Continue reading → [DISPLAY_ACURAX_ICONS]Oklahoma Government Data Left Unprotected The Oklahoma Department of Securities left data going back to at least 1999 unprotected online. Data exposed included state agency passwords and login information, data on FBI investigations, information on thousands of securities brokers and other information. The state says it was unprotected for “a limited duration”. They are investigating. […]
Continue reading → [DISPLAY_ACURAX_ICONS]Imagine watching TV one day and hearing an alert that says that ballistic missiles were headed from North Korea to Los Angeles, Chicago and Ohio. The alert said that people had three hours to evacuate. Ignore for the moment the fact that Russian TOPOL ballistic missiles can travel at up to 15,000 MPH, so it […]
Continue reading → [DISPLAY_ACURAX_ICONS]Homeland Security’s newly named agency – the Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive to executive branch agencies – many of which have personnel on furlough – regarding a DNS hijacking issue. The issue is not limited to agencies and every company and private individual that owns one or more Internet domains […]
Continue reading → [DISPLAY_ACURAX_ICONS]