
Are 1-Time Passcodes a Corporate Liability?

No. Not really. Are bad 1-time passcodes a corporate liability? Yes, but bad anything is a liability. In the wake of the Twilio breach, my buddy Brian Krebs posted an item titled “How 1-Time Passcodes Became a Corporate Liability”. In one sense, he is right because most companies chose the easiest 1-time passcode to […]


AI Detecting Gun Scanners at Schools has been a “Clusterf***”

Schools are legitimately trying to figure out ways to keep students safe from gun and other violence. Unfortunately, there are no simple ways to do this. Some schools are trying to use AI to solve the problem, but the reality that schools are experiencing using this technology is, apparently, quite different from what is represented […]


Why Vendor Cyber Risk Management is CRITICAL

The hackers who breached outsourced customer communications vendor Twilio earlier this month didn’t just compromise encrypted communications app vendor Signal. In fact, they compromised more than 130 companies and 10,000 employees. Why? Because Twilio is a vendor to all of these companies and these companies trusted Twilio. And, apparently, Twilio’s security practices were not good […]


Lloyd’s of London to Exclude State-Sponsored Attacks from Cyber Insurance Policies

Starting in March 2023, Lloyd’s will REQUIRE all its agents to exclude liability for losses from state-sponsored cyberattacks. The problem is defining what is a state-sponsored attack. In a bulletin to its producers last week, Lloyd’s says that while it remains strongly supportive of its agents writing cyber policies, it is concerned that the […]


So You Think No One Would Want To Attack You

Here is some data to consider: The US General Accounting Office (GAO) says the percentage of businesses buying cyber risk insurance jumped from 26% in 2016 to 47% in 2020. Here is why. Coalition insurance released some data from their claims history. Remote Desktop Protocol (RDP) continues to be a big problem, according to Coalition […]


Containing a Breach Can Backfire

A cybersecurity vendor for one of Mexico’s largest banks sent a cease-and-desist to a cybercrime forum saying that an auction on the site for data stolen from the bank – data for 10 million customers – was fake news and harming the bank’s reputation. So what did the web site’s administrator do? Not what the […]
