Following on from yesterday’s United Airlines post, both Kaspersky and Symantec are reporting about a hacking group that is not interested in stealing credit cards. Instead, they are stealing corporate secrets for financial gain. Whether they are using them for insider trading or selling them to the highest bidder, the group, whom Kaspersky calls Wild […]
Continue reading → [DISPLAY_ACURAX_ICONS]With Windows 10 (and previously, Windows 8.1 phone), Microsoft has created a way for you to share WiFi passwords without revealing them – sort of. In my opinion, and in the opinion of a lot of other security professionals, this is a complete security disaster. There are some things that you can do to mitigate […]
Continue reading → [DISPLAY_ACURAX_ICONS]HP’s security folks tested the security features on 10 smartwatches along with their cloud and management infrastructure and the results, while not surprising to me, are disappointing. Smart watches are in their infancy; the compute power is relatively limited and, as is usually the case, features win out over security. The question to ask is […]
Continue reading → [DISPLAY_ACURAX_ICONS]Not surprisingly, the fallout from the OPM breach continues. Here are a few new items in the news after OPM Director Archuletta was basically fired. The OPM has changed it’s privacy policy to allow investigators to probe it’s databases. This happened after the discovery of “significant entryways” for hackers in at least 3 more databases. […]
Continue reading → [DISPLAY_ACURAX_ICONS]The Ponemon Institute released a study that compares the views of about 7,000 Board members and 11,000 IT security people and the results show some interesting data. The first question is ” Our board of directors understands the security risks to the organization”. While 70% of the board members agree or strongly agree with that […]
Continue reading → [DISPLAY_ACURAX_ICONS]Yesterday was Patch Tuesday. Microsoft had 14 bulletins, 5 of which they deemed critical, covering 59 vulnerabilities. Oracle released patches covering 193 vulnerabilities, including 25 Java patches, one of which is already being exploited in the wild. 44 of these vulnerabilities came from third party components. Of the 25 Java vulnerabilities fixed, 23 of […]
Continue reading → [DISPLAY_ACURAX_ICONS]