Cyberattack Ramifications: Chain Closes ALL STORES to Contain Attack Canadian pharmacy chain London Drugs has closed all stores to contain a cyberattack. While many stores stop accepting online orders or credit cards after a cyberattack, it is very rare to see a company stop doing business until further notice. However, they have not notified authorities […]
Continue reading → [DISPLAY_ACURAX_ICONS]The cyber safety review board is similar to the FAA’s National Transportation Safety Board, except that they are investigating Cybersecurity crashes (breaches) rather than airplane or container ship crashes. The board is new. It was created by Executive Order 14028 in 2021. They only convene when requested to by the Secretary of Homeland Security and, […]
Continue reading → [DISPLAY_ACURAX_ICONS]DoD Opens Cyber Policy Office As reported earlier, the planned opening of the Office of the Assistant Secretary of Defense for Cyber Policy officially happened on March 20th. Ashley Manning will manage it until the Senate confirms someone else. President Biden announced that his nominee will be Michael Sulmeyer. Whether the Senate confirms him or […]
Continue reading → [DISPLAY_ACURAX_ICONS]Microsoft is often between a rock and a hard place. They would like to be more secure but not at the expense of offending their customers. Here is an example of that. Microsoft has announced that RSA keys shorter than 2048 bits will soon be deprecated in Windows Transport Layer Security (TLS) to provide increased […]
Continue reading → [DISPLAY_ACURAX_ICONS]Post Quantum Crypto Isn’t The Only Problem – Pre Stone Age Crypto is Also a Problem While some folks are worried about what is going to happen to encryption when quantum computing becomes real, other companies are still using antique crypto. Unfortunately, many of the companies who are using antiques are medical devices and higher […]
Continue reading → [DISPLAY_ACURAX_ICONS]As is often the case, humans and process represent the biggest failure window. Microsoft, to its credit, is being public about its own failures and pretty quickly. The Chinese hackers, Storm-0558, obtained a “golden cryptographic key” which allowed them to generate tokens so that they could masquerade as other users. I don’t know why you […]
Continue reading → [DISPLAY_ACURAX_ICONS]