Last week the SEC released what they call a Risk Alert to Investment Advisors and Broker-Dealers saying that they were concerned about the protection of client information because of recent attacks and attempted attacks against the financial community. In the alert, they laid out the very particular concerns they have in 6 specific areas and […]
Continue reading → [DISPLAY_ACURAX_ICONS]In a classic TSA response, the TSA says that this is no big deal. First, here is what they said in 2003 when they introduced them: TSA official Ken Lauterstein described them as part of the agency’s efforts to develop “practical solutions that contribute toward our goal of providing world-class security and world-class customer service.” Now, […]
Continue reading → [DISPLAY_ACURAX_ICONS]Target announced that they were breached in December of 2013 – about 22 months ago. This week a federal judge certified a class action against Target by a number of banks. Target says they are “disappointed” by the decision. This comes a month after Target agreed to pay Visa up to $67 million to settle […]
Continue reading → [DISPLAY_ACURAX_ICONS]After the Ashley Madison breach, everyone sighed a breath of relief because the passwords were encrypted with bcrypt. Bcrypt, as used by Ashley Madison, hashed the password 4,096 times. That calculation meant that even with fast computers it would take centuries to crack all of them. Until a group of hobbyists – yes hobbyists, not professional […]
Continue reading → [DISPLAY_ACURAX_ICONS]As researchers continue to review the data dumps from the Ashley Madison breach, there are lessons to be learned from what has been found. While Ashley Madison claimed to have good security, the evidence does not support that. For example, the VPN password from the Internet to their servers was Pass1234, according to one article […]
Continue reading → [DISPLAY_ACURAX_ICONS]Excellus Blue Cross Blue Shield revealed that it has been hacked. Excellus did not detect it had been hacked at all. In fact, it was not until they hired Mandiant to do an audit in the wake of the other Blue Cross hacks that they found out that they had been hacked. The data of […]
Continue reading → [DISPLAY_ACURAX_ICONS]