720-891-1663

DoJ Sues Georgia Tech for Cybersecurity Fraud

I didn’t have enough characters in the title to really explain it. Like many universities, Georgia Institute of Technology or Georgia Tech is a defense contractor. It does a variety of things like research and testing. As part of those contracts, the school has access to sensitive information, which, according law and/or contract, they are […]

Continue reading → [DISPLAY_ACURAX_ICONS]

You Know That Badge That Opens The Door – Security or Convenience, Pick Just One

Using a badge to get you in the office (and for some companies out of the office as well) may not be as secure as you thought it was. French security services firm Quarkslab has made an eye-popping discovery: a significant backdoor in millions of contactless cards made by Shanghai Fudan Microelectronics Group, a leading […]

Continue reading → [DISPLAY_ACURAX_ICONS]

A Third of Compromised API Keys Still Active

API Keys are an alternative to passwords for connecting to a computer or web service. Typically, API Keys are used by software applications to talk to other applications and are considered more secure than using userids and passwords to authenticate. Unfortunately, too many developers don’t treat APIkKeys like the security risk they are. API keys […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Security News Update for Week Ending July 26, 2024

Google Rolls back Decision to Kill Third Party Cookies Firefox and Safari, along with some other smaller browsers already block third party cookies by default. Google said that they would do the same. Google now says that phasing out third party cookies will hurt their revenue stream, uh, will impact online advertising, so they are […]

Continue reading → [DISPLAY_ACURAX_ICONS]

The CrowdStrike Meltdown – The Rest of the Story

CrowdStrike is a major vendor of user workstation security software used by many Fortune 500 companies and government agencies. On Friday, they caused a major meltdown of Windows workstations across the globe. CrowdStrike insists that this was simply a software update gone wrong and maybe that is true. But there are plenty of conspiracy theorists […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Security News Update for Week Ending July 19, 2024

AT&T is First Company To Evade SEC’s 4 Day Breach Disclosure No, they are not badasses, they asked for permission. The SEC rules that went into effect last year have a carve out from the disclosure rule – actually it is not an exception, just a delay. It is not clear who asked whom, but […]

Continue reading → [DISPLAY_ACURAX_ICONS]