While any form of two factor authentication is better than none, there are still security holes. In a story I read tonight, a tech savvy user fell for a social engineering attack. He received what he thought was an Instagram message from a friend and responded to it. It turns out it was a social […]
Continue reading → [DISPLAY_ACURAX_ICONS]We all know that North Korea has been funding their terrorism – and their economy – using ransomware attacks and other malware. Now they have a new way and it is pretty creative. According to an advisory from the feds, North Korean IT workers have been trying to get IT jobs in the United States […]
Continue reading → [DISPLAY_ACURAX_ICONS]There have been many issues over the years with passive (keyless) entry systems, including but not limited to vehicles. In this case, researchers at the NCC Group used a “relay attack” to not only unlock a Tesla Model 3, but also start it and drive away. A relay attack works like this. You take one […]
Continue reading → [DISPLAY_ACURAX_ICONS]Many or possibly most small businesses don’t have an internal IT department. They rely on a third party to help them manage their IT assets. These third parties are called Managed Service Providers (MSPs) or sometimes Managed Security Service Providers (MSSPs). This is not inherently bad. But many of these MSPs are not much larger […]
Continue reading → [DISPLAY_ACURAX_ICONS]Here is another short read for you (sorry). For those who read this blog on a regular basis, you know that we talk about supply chain risk a lot. Formally, the government calls it Cybersecurity Supply Chain Risk Management or C-SCRM. Supply chain attacks are very popular because if you pull one off (think SolarWinds), […]
Continue reading → [DISPLAY_ACURAX_ICONS]As we watch hackers compromise systems of both large and small companies in every country every day, it kind of points out the obvious – whatever security program companies that develop software have in place are not adequate to the threat. Up until now, software companies have not suffered because their license agreements say that […]
Continue reading → [DISPLAY_ACURAX_ICONS]