Yesterday, MedStar Health, one of the largest providers of medical services in the Washington D.C. area, announced that its computer network was infected with a virus. MedStar decided to shut down “all system interfaces to...
Another potentially serious and widespread vulnerability was announced last week. The DROWN vulnerability was discovered jointly by several universities and Google and is specific to the legacy SSLv2 protocol. Even though clients may never use...
A new GNU C library vulnerability was announced a couple of weeks ago and exposes a critical flaw affecting almost all Linux machines. Discovered independently by Google and Red Hat, the flaw is described as...
An article last month points to a couple of interesting trends in the cybersecurity area. The first has to do with hackers not necessarily needing to be superior coders, but simply smart about weaknesses and...
In an earlier post, we read that the data breach against Target in late 2013 could cost over $500 million (USD) in the end. While that amount is staggering, it is likely due to...
Several organizations have moved in part or entirely to the cloud for their IT infrastructure. This article details the interesting story of the University of Notre Dame and its gradual adoption of and migration to...
We hope everyone has a great Christmas and New Year’s season. This time of year usually means gathering with family and friends, enjoying good food, and taking a relaxing break from the office. Not so...
Last week, Target announced a $39 million settlement with banks and credit unions to resolve claims related to the retailer’s data breach in late 2013. To refresh your memory, this breach compromised over 40...
A recent audit by the U.S. Government Accountability Office (GAO) revealed weaknesses in cybersecurity practices at various U.S. federal agencies. Among the weaknesses cited is the failure to implement two-factor authentication (2FA). Twenty-two agencies reported...
As mentioned in previous posts here and here, FIDO standards have been gaining traction with governments and the private sector. Our enterprise partner Yubico produces YubiKeys employing FIDO’s U2F authentication standard which Google and Yubico...