CISA issued guidance this week to reduce cyber risk. The guidance is very simple: DOES THIS HAVE TO BE OPEN TO THE INTERNET? Of course, you have to know where all of your assets are. This includes by IT and OT (Internet of Things and Industrial Internet of Things) devices. Here are CISA’s yardsticks to […]
Continue reading → [DISPLAY_ACURAX_ICONS]It is important to remember that the agency’s budget proposal is just that, a proposal, and Congress may or may not agree to it. So what is in the proposal? Whether Congress agrees with the agency or not is to be seen, but if they do, you can draw your own conclusion as to the […]
Continue reading → [DISPLAY_ACURAX_ICONS]I understand that the government needs to save money. There probably is enough waste to fund a small country. Or many a bigger one. But are we doing that wisely? CISA, which is the key agency to protect civilian government agencies, especially now with all of the layoffs and which is also the agency directed […]
Continue reading → [DISPLAY_ACURAX_ICONS]CISA is warning businesses that SaaS providers are under attack as a way to steal their customers’ credentials. If you think about this, it makes sense. This came after Commvault, a cloud-based backup solution, was compromised using a zero-day. What is interesting is how they planned to exploit the vulnerability. Commvault claims that no customer data in […]
Continue reading → [DISPLAY_ACURAX_ICONS]Lazy Passwords Still Prevail A new study of over 19 billion newly exposed passwords manifests a widespread weak password reuse crisis. Lazy keyboard patterns, such as 123456, still reign supreme, and 94% of passwords are reused or duplicated, data leaks from 2024-2025 reveal. Names like Ana rank as the second most popular component. Only 6 […]
Continue reading → [DISPLAY_ACURAX_ICONS]Insider threat is a major problem and getting worse all the time. Coinbase, the largest US-based cryptocurrency exchange, has disclosed a major data breach involving bribed overseas customer support agents who stole sensitive customer information. The attackers demanded a $20 million ransom, which Coinbase refused to pay. Instead, the company has offered a $20 million reward […]
Continue reading → [DISPLAY_ACURAX_ICONS]