Microsoft is often between a rock and a hard place. They would like to be more secure but not at the expense of offending their customers. Here is an example of that. Microsoft has announced that RSA keys shorter than 2048 bits will soon be deprecated in Windows Transport Layer Security (TLS) to provide increased […]
Continue reading → [DISPLAY_ACURAX_ICONS]One thing about a country that has no federal privacy law – There are very few limits on what someone can do with data that they have legally collected. The legal part is that you agreed to allowi your “smart car” to collect your driving data. That data may include things like your speed and […]
Continue reading → [DISPLAY_ACURAX_ICONS]For decades the DoJ seemed to be ignoring cybersecurity failures on the part of even large companies. That has changed. DoJ has started up an entire bureau for going after companies that ignore the rules. Recently they fined Booz $335 million for False Claims Act violations. Last week they announced they are going after Georgia […]
Continue reading → [DISPLAY_ACURAX_ICONS]The False Claims Act (FCA) is a Civil War era law that both penalizes companies for lying about their cybersecurity protections and rewarding whistleblowers for turning in fraudsters. In 2021 the Justice Department created a new initiative to stem civil-cyber fraud. One of the beneficiaries of that is the Defense Department which has been plagued […]
Continue reading → [DISPLAY_ACURAX_ICONS]I talk all the time about third-party or supply chain breaches and there is serious impact to them. Here is one example going on now. Change Health is a healthcare payment facilitator among other services. They are used by doctors, pharmacies and hospitals to get paid. Change is owned by Optum Health which, in turn, […]
Continue reading → [DISPLAY_ACURAX_ICONS]Five Eyes Agencies: SolarWinds Hackers Adopting New Tactics As businesses move to the cloud, hackers are adopting new techniques since Software as a Service providers are much better at patching than most companies are. Instead, the Russian hackers are stealing authentication tokens and using them to get access to the cloud, including creating new accounts […]
Continue reading → [DISPLAY_ACURAX_ICONS]