For a decade the feds recommended frequent password changes. A couple of years ago NIST changed their mind and said it was the worst recommendation they ever made. Still, a lot of companies and regulators require frequent password changes. Is that a good idea? Microsoft used to recommend frequent password changes. Their current guidance: According […]
The GAO, formerly known as the General Accounting Office, works for Congress and does studies of how horribly inefficient the government is. In theory, that is so Congress can create new laws to make them do what any sensible organization would do without the laws. Here is one example. The GAO reviewed the security practice […]
Signal Tells Cellebrite to Back Off
Signal is the encrypted messaging app created by white hat hacker Moxie Marlinspike and his team. Cellebrite is the Israeli company that cracks cell phones for law enforcement. Cellebrite claims to be able to crack Signal's messages (it is not clear if they are breaking the crypto or have […]
Well, that is a pretty depressing headline, but that is what the statistics say. According to a Sophos study, the average cost of a ransomware attack jumped from $761,000 to $1.85 million over the last year. The average ransomware payment is now $170,000. More worrisome, only 8% of the organizations say that they got all […]
The most famous supply chain attack of the last few years was the SolarWinds attack. That attack was a home run for the Russians. Other hackers (or maybe the same ones) thought that was a great attack vector. Now it seems to have become quite popular. Then came DevOps tool provider Codecov. Hackers compromised Codecov, […]
If you were using your phone and visited a web site when a message popped up that said something like “we want to sell your data to anyone we want and you get nothing for that – do we have your permission to do that?” – what would your answer be? Well, if you are […]