720-891-1663

Microsoft Didn’t Patch Bug for Years, Leaving Gov Systems Exposed Because It Could Hurt Sales

I don’t even know where to go with this other than to say, unfortunately, I am not surprised. Likely not patching a known bug is probably not illegal, as is not disclosing it. Roll back almost a decade, in 2016, whistleblower and security expert Andrew Harris was working for Microsoft. He was investigating a breach […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Another Law Firm Gets Security Religion – AFTER Hackers Stole 325,000 Customer’s Data

The Houser LLP law firm specializes in taking care of high-profile financial institutions. Last May they were hacked. Ten months later they are finally notifying those high profile customers. They eventually were forced to disclose the breach to the Maine AG (among others). They said files were encrypted (AKA ransomware) and data was stolen. Data […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Intelligence Chiefs Warn of Commercial Espionage

The domestic intelligence chiefs of the “Fives Eyes” – Australia, Canada, US, New Zealand and UK – say that they are seeing a sharp rise in attempts by hostile states to steal intellectual property. The intelligence chiefs spoke at an event hosted by Stanford University’s Hoover Institution. This is a little different that what the […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Federal Civilian Agencies May Have to Comply with CMMC-Like Security Requirements

If you sell to the federal government – any agency – you need to pay attention to this. Until now only DoD contractors were going to have to comply with CMMC or NIST SP 800-171. The standard requires 100% compliance with 110 controls; some of them pretty straight forward like having each user having their […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Simple Advice For Improving Your CyberSecurity Hygiene

While tips and tricks won’t make your organization bulletproof, it will help make you bullet resistant.  Here is a list from Boston Business News that is simple and right on. 1. IT Risk Assessment.  You MUST start with a risk assessment and if you are up for it, I would recommend a business risk assessment. […]

Continue reading → [DISPLAY_ACURAX_ICONS]