I talk all the time about third-party or supply chain breaches and there is serious impact to them. Here is one example going on now. Change Health is a healthcare payment facilitator among other services. They are used by doctors, pharmacies and hospitals to get paid. Change is owned by Optum Health which, in turn, […]
Continue reading → [DISPLAY_ACURAX_ICONS]Five Eyes Agencies: SolarWinds Hackers Adopting New Tactics As businesses move to the cloud, hackers are adopting new techniques since Software as a Service providers are much better at patching than most companies are. Instead, the Russian hackers are stealing authentication tokens and using them to get access to the cloud, including creating new accounts […]
Continue reading → [DISPLAY_ACURAX_ICONS]Sorry, this is going to be a bit convoluted, so try to stay with me. First we had encryption. Things were good. Encryption was based on mathematically hard problems and computers could not do the math, even in, potentially, a hundred thousand years. Then came Quantum computing. Or at least it is coming. Or maybe […]
Continue reading → [DISPLAY_ACURAX_ICONS]Veracode makes software that tests your software for vulnerabilities. Software developers use Veracode’s product to see if their software is vulnerable. Here is some information based on scanning over one million applications: Veracode says that AI-Generated code brings security bugs at scale and will likely add to security or technical debt. AI tools might also […]
Continue reading → [DISPLAY_ACURAX_ICONS]Security or convenience, pick one. Background: there is a difference between IDENTIFICATION and AUTHENTICATION. Identification is the equivalent of a userid. Userids are not secret. Authentication is the equivalent of a password. Passwords are secret. Many systems use biometrics like a face scan to BOTH identify a user and authenticate that it is really that […]
Continue reading → [DISPLAY_ACURAX_ICONS]Assuming you are like every other company, you communicate with people. People like employees, customers, suppliers and the media. Given what we are seeing, already, with deepfakes and the the fact that this is only just starting, what is your plan to protect your reputation? Would a competitor or someone else publish a photo, video, […]
Continue reading → [DISPLAY_ACURAX_ICONS]