Early this month, New York’s Department of Financial Services, the regulator for banks and insurance companies, issued guidance on cybersecurity insurance. Unfortunately, the guidance was not to insurance customers; it was for insurance companies. The regulator is concerned that big breaches may cause insurance companies to go out of business. DFS advised insurers against paying […]
Continue reading → [DISPLAY_ACURAX_ICONS]If you read the security news or talk to security vendors, the buzz word of the year is ZERO TRUST. Many vendors tell you that they have the zero trust answer. The reality is a lot more complex. Zero trust is not a product or even a family of products. It is not a platform. […]
Continue reading → [DISPLAY_ACURAX_ICONS]Last October Wilmington Surgical Associates was dealing with a ransomware attack. Allegedly, the Netwalker ransomware group stole 13 gigabytes of data, which in today’s world easily fits on a flash drive, and leaked that data online. The patients of the North Carolina clinic whose data was stolen and leaked are seeking “redress for its unlawful […]
Continue reading → [DISPLAY_ACURAX_ICONS]I have been talking a lot about supply chain risk lately and there is a good reason. From open source products with backdoors like Webmin or Rubygems to NotPetya a few years ago which shut down many companies around the world to the recent attacks against SolarWinds or Centreon, supply chain attacks are running rampant. […]
Continue reading → [DISPLAY_ACURAX_ICONS]In 2018 Bloomberg ran a story that claimed that China had embedded tiny microchips on Supermicro computer server processor boards in 2015. Everyone denied it – Supermicro, the intelligence community (IC), China. Supply chain attacks seem to be everywhere these days and this is another one. I don’t know if it is true, but why […]
Continue reading → [DISPLAY_ACURAX_ICONS]SIM swap attacks is a hacking technique where hackers socially engineer cell phone providers to steal a victim’s phone number. That means that hackers get the victim’s text messages and phone calls. While two factor authentication is not used by the majority of people, when it is used, the most common form of two factor […]
Continue reading → [DISPLAY_ACURAX_ICONS]