NIST Special Publication 800-171 is the guide that all defense contractors must follow for protecting controlled unclassified information. It has been around since 2015 and has gone over several revisions. Revision 3 is the most recent and NIST has released the “initial public draft”. Expect a final draft this fall and a released version in […]
Continue reading → [DISPLAY_ACURAX_ICONS]Most of us have either used or seen others use that badges to unlock doors either at homes or offices. Most of these use a technology called Wiegand Wire. Compared to your average key, it is more secure and it does leave an audit trail, but the badges are easily cloned using devices available on […]
Continue reading → [DISPLAY_ACURAX_ICONS]Colorado AG Sends out “Welcome Letters” About CO Privacy Law Colorado AG Phil Weiser has sent out letters to businesses reminding them of their responsibilities under the Colorado Privacy Law. Likely the next letter won’t be so welcoming. Credit: Truyo White House Will Host Roundtable on Harmful Data Broker Practices At the roundtable, the CFPB […]
Continue reading → [DISPLAY_ACURAX_ICONS]The hacker business is like any other business. There are specialists. In the hacking business, one of the specialties is initial access. Initial access brokers break in to businesses and “collect” credentials. They don’t use those credentials. That is a different specialty. Researchers say that they studied Russian language hacker forums for a few months […]
Continue reading → [DISPLAY_ACURAX_ICONS]In 2008 a group of MIT students were going to present a paper at the hacking convention Defcon on vulnerabilities in the Boston Transit (called the MBTA) fare card. The MBTA sued Defcon and the presentation was cancelled. But not before the slides for the presentation were published online. While this is an alternative to […]
Continue reading → [DISPLAY_ACURAX_ICONS]Police Don’t Know Who Accessed Data Posted in Error This is somewhat hard to believe while at the same time all too common. Would your company do any better. Police in Northern Ireland posted the entire country’s police roster in response to a freedom of information request – by accident. Even though they took it […]
Continue reading → [DISPLAY_ACURAX_ICONS]