59% of cybersecurity executives at large and medium organizations say that they have LOST business due to product security concerns for connected and embedded devices. 45% say that customers want detailed information about what is in their devices, but only 11% of companies have high confidence that they can do that, even if they want […]
Continue reading → [DISPLAY_ACURAX_ICONS]While the details of this are interesting, what is more important is thinking about all of the contracts that you sign. This is a legal battle that goes back several years. In one corner is Fiserv, the Fortune 200 +/- financial services software behemouth. In the other corner is Bessemer System Federal Credit Union, a […]
Continue reading → [DISPLAY_ACURAX_ICONS]I have been talking a lot about supply chain risk lately and there is a good reason. From open source products with backdoors like Webmin or Rubygems to NotPetya a few years ago which shut down many companies around the world to the recent attacks against SolarWinds or Centreon, supply chain attacks are running rampant. […]
Continue reading → [DISPLAY_ACURAX_ICONS]I have been ranting about Software Bills of Material or SBoM for a while. This week I have two examples of why this is important – even critical. The first story is about a TCP/IP network stack and the vulnerability is called Amnesia:33. It impacts four open source libraries – uIP, FNET, picoTCP and Nut/Net. […]
Continue reading → [DISPLAY_ACURAX_ICONS]France Says it is Going Ahead with Digital Tax France has been complaining that U.S. companies (mostly) have not been paying their fair share of French taxes since they are not selling widgets that delivered in France, so they came up with this digital tax, a 3% tax on digital services delivered in France. They […]
Continue reading → [DISPLAY_ACURAX_ICONS]You would think that in 2020 we wouldn’t have to tell people not to use default passwords. You would certainly think that we wouldn’t have to tell government IT folks not to do that. But if you thought that, apparently, you would have thought wrong. We are still telling end users to change the password […]
Continue reading → [DISPLAY_ACURAX_ICONS]