Five Eyes Agencies: SolarWinds Hackers Adopting New Tactics As businesses move to the cloud, hackers are adopting new techniques since Software as a Service providers are much better at patching than most companies are. Instead, the Russian hackers are stealing authentication tokens and using them to get access to the cloud, including creating new accounts […]
Continue reading → [DISPLAY_ACURAX_ICONS]The FBI touted just last week that they had taken down LockBit and replaced the servers with ones that offered free decryption keys and sunshine for all. It didn’t last long. The Russia-based hackers have reconstituted themselves and have new servers. It is true that the FBI and Europol and others did take down their […]
Continue reading → [DISPLAY_ACURAX_ICONS]Sorry, this is going to be a bit convoluted, so try to stay with me. First we had encryption. Things were good. Encryption was based on mathematically hard problems and computers could not do the math, even in, potentially, a hundred thousand years. Then came Quantum computing. Or at least it is coming. Or maybe […]
Continue reading → [DISPLAY_ACURAX_ICONS]Veracode makes software that tests your software for vulnerabilities. Software developers use Veracode’s product to see if their software is vulnerable. Here is some information based on scanning over one million applications: Veracode says that AI-Generated code brings security bugs at scale and will likely add to security or technical debt. AI tools might also […]
Continue reading → [DISPLAY_ACURAX_ICONS]Security or convenience, pick one. Background: there is a difference between IDENTIFICATION and AUTHENTICATION. Identification is the equivalent of a userid. Userids are not secret. Authentication is the equivalent of a password. Passwords are secret. Many systems use biometrics like a face scan to BOTH identify a user and authenticate that it is really that […]
Continue reading → [DISPLAY_ACURAX_ICONS]DEF CON is Canceled, No Really It is a meme. Every year there are announcements that DEF CON is canceled, but this year it is real. Sort of. DEF CON is the world’s largest hacking convention and has, for years, been held at Caesars in Las Vegas. You may remember that Caesars had an unfortunate […]
Continue reading → [DISPLAY_ACURAX_ICONS]