720-891-1663

Are We About to See Another Log4j?

This one is called LINGUISTIC LUMBERJACK. Fluent Bit is a very widely used open source logging package in the cloud. It is used by all major cloud providers. It has been downloaded over 3 billion times just in 2022. Fluent Bit is described as “a lightweight, open-source data collector and processor” which collecting and processing […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Security News Update for the Week Ending May 17, 2024

White House Preps New Cyber Rules for Healthcare After ChangeHealth Breach Anne Neuberger, Deputy National Security Advisor for Cyber says that after a decade of pleading with hospitals to protect your data, they are getting ready to roll out regulations. The hospitals say don’t penalize us by making us protect your data; why do we […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Vermont Passes Extra Strong Privacy Bill

Six years ago there were no second generation privacy laws. No we are dealing with stronger and stronger laws. And more challenges for businesses. The rub is that the legislature is controlled by the democrats, the governor is a republican and the legislative session has ended, so the bill could get vetoed. The bill outlaws […]

Continue reading → [DISPLAY_ACURAX_ICONS]

It Feels Like 1995 All Over Again

First a little background. One of the main uses of cryptocurrency – not the only use – is to monetize crime. Most ransomware payments are done via cryptocurrency. There are other, legitimate uses, but they are dwarfed by the illegal uses. To the tune of tens of billions of dollars of criminal activity a year. […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Security News Update for the Week Ending May 10, 2024

TikTok Sues US Government; Vows to Prevail No surprise here and without taking a side pro or con; ByteDance and TikTok have filed suit in federal court arguing the law violates the US Constitution. TikTok’s CEO Shou Zi Chew says the company expects to win a legal challenge to block the new law. He says […]

Continue reading → [DISPLAY_ACURAX_ICONS]

CISA Extends Comment Period on CIRCIA Rules

Probably your first question is what the heck is CIRCIA. CIRCIA is a law passed by Congress in 2022 that requires CISA to create a set of regulations for reporting cyber incidents by critical infrastructure operators. Needless to say, those operators would much rather have a very low profile and report things only if and […]

Continue reading → [DISPLAY_ACURAX_ICONS]