I am not sure whether this is a surprise or not. The apps for both Biden and Trump are not secure. Does that show up as a surprise to you? Let’s start with Biden’s app. Biden’s iOS app did not even validate the email addresses, so anyone, say in North Korea, can download and abuse […]
Sometimes we focus on the details of cybersecurity protections and ignore the core issues. In a lot of cases, when companies have offices in multi-tenant office buildings, the Internet comes into a shared area of the building that is not part of the company’s leased space. This is called a demarc, for point of demarcation. The […]
This is a follow-up to yesterday’s newsletter alert and sorry, it is a bit technical, but I will try to make it as untechnical as possible. Up to a few years ago, if you ran a website, you could buy an HTTPS (also known as a TLS or SSL) certificate that didn’t expire for […]
It is pretty interesting what you find when you rummage around your computer. Most computers these days have cameras and microphones. Do you know which applications can access your camera? What about your microphone? I didn’t. In fact, I didn’t even know where to look to find the answer to that question. When I looked, […]
Dial back your wayback machine to September of last year. Capital One announced a hack of their Amazon environment by an ex-Amazon employee the previous July that was possible due to an incorrect configuration of their security settings. Fast forward to today and the feds announced an $80 million fine for bad cloud hygiene. The […]
There are an amazing number of misconfigured Amazon S3 buckets. I have no clue why. No company should be in this boat any more. Truffle Security said that a team of their security pros STUMBLED across about 4,000 of them. What was in them? Login credentials – not great. Security keys – even worse. API […]