If you didn’t know better you would think the NSA is trying to turn over a new leaf. Credit Anne Neuberger. A couple of years ago the NSA dissolved the Information Assurance Directorate – the group that helps the good guys. To me, this was an incredibly stupid move on the part of the NSA. […]
Continue reading → [DISPLAY_ACURAX_ICONS]There are an amazing number of misconfigured Amazon S3 buckets. I have no clue why. No company should be in this boat any more. Truffle Security said that a team of there security pros STUMBLED across about 4,000 of them. What was in them? Login credentials – not great. Security keys – even worse. API […]
Continue reading → [DISPLAY_ACURAX_ICONS]Many Cyberspace Solarium Commission Recommendations Likely to Become Law The Cyberspace Solarium Commission was a blue ribbon commission that made recommendations to Congress earlier this year on improving government cybersecurity. It appears that many of their recommendations are being added to the National Defense Authorization Act, which is “must pass” bill to fund the military. […]
Continue reading → [DISPLAY_ACURAX_ICONS]You know that if publications like Forbes are running pieces on preparing for ransomware attacks that things must be getting bad. The Forbes piece, written by former Deputy Undersecretary for Cybersecurity at DHS Mark Weatherford is good, but it leaves out a few things (I am guessing that Forbes gave Mark a word limit). We […]
Continue reading → [DISPLAY_ACURAX_ICONS]Companies like Microsoft, Lenovo, GE, Nintendo and many others have created publicly visible repositories on places like Github. Some of these buckets are empty and some may legitimately be intended to be public. But those that contain access credentials – userids, passwords and API keys – likely are NOT intended to be public. Some of […]
Continue reading → [DISPLAY_ACURAX_ICONS]As if ransomware wasn’t bad enough in the past. As if ransomware 2.0 didn’t make you lose sleep. If you thought that the pandemic was slowing down cyberattacks. Sorry to be the bearer of bad news. We are seeing new ransomware strains pop up at an alarming rate. In just the past couple of months […]
Continue reading → [DISPLAY_ACURAX_ICONS]