720-891-1663

Third Party (Vendor) Cyber Risk Management Rears its Ugly Head AGAIN!

This seems to be a recurring topic, but it doesn’t seem to be getting any better, so I will leap back into the fray. Last month Ticketmaster announced they had a breach and they led people to believe that it was isolated and that it had something to do with their software. According to RiskIQ, […]

Continue reading → [DISPLAY_ACURAX_ICONS]

What Happens When Your Firewall Loses the War and Joins the Other Side?

Cisco released an announcement that a high severity vulnerability affecting many Cisco ASA firewalls and Firepower security appliances has a proof of concept available in the wild.  This means that even amateurs can take that code, modify it a bit and successfully either force your firewall to randomly reboot or to steal credentials from that […]

Continue reading → [DISPLAY_ACURAX_ICONS]

IoT is Going to Set Security Back a Decade, at Least

Axis Communications, the Swedish maker of high end security cameras (up to $1,000 each), announced patches to seven vulnerabilities that affect almost 400 camera models. Axis is not some cheap Chinese knockoff;  these are well respected cameras used in businesses the world over. The vulnerabilities, discovered by the security firm VDOO, comes with in depth […]

Continue reading → [DISPLAY_ACURAX_ICONS]

DoD Moving Forward on Cybersecurity After Breach

In the wake of the cybersecurity disaster at the Naval Undersea Warfare Center, where a contractor lost control of over 600 gigabytes of extremely sensitive weapons system data for the Sea Dragon program, the DoD is reacting.  Sea Dragon, based on the few details we have, is a disruptive offensive weapon targeting Chinese submarines. Among […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Bug in Git Software Could Make Software Repositories Vulnerable

Git, the software used by millions of software developers to manage their source code – the crown jewels of most corporations – is vulnerable to two different attacks. The first bug would allow a malicious attacker to overwrite code in folders where they should not be. The second bug allows an attacker to read arbitrary […]

Continue reading → [DISPLAY_ACURAX_ICONS]