I recently came across an interesting article that describes how a group of hackers approached a challenge by Ars Technica to crack 90% of 16,499 hashed static passwords in an amazingly short time! Though I...
As mentioned in a previous blog post, foreign spies had been targeting the Donald Trump and Hillary Clinton presidential campaigns. And in recent weeks, reports indicate attacks have not only been successful, but reaching other...
Corporate users of Microsoft’s OneDrive cloud storage are increasingly storing files there that contain passwords. According to a report released last month, “enterprises are routinely storing corporate password files in the cloud through Microsoft’s OneDrive...
Last week, James Clapper, the U.S. director of national intelligence, said there have been “some indications” that foreign hackers have been targeting the presidential campaigns of Donald Trump, Hillary Clinton, and Bernie Sanders. The FBI...
A recent faux phishing scheme designed to track the activity of hackers accessing the “leaked” data confirms what we already know — hackers gravitate towards corporate data, and not by the dozens, but by the...
Last month, I posted about the healthcare industry being a target for cybercriminals. Another target, likely even more lucrative, is the financial services industry. According to a 2014 news article, the Federal Bureau of Investigation...
For decades, logging into a network, application, server, etc. usually only requires a username and password. Sometimes certain policies are put in place to try to make sure passwords are not compromised, such as requiring...
Yesterday, MedStar Health, one of the largest providers of medical services in the Washington D.C. area, announced that its computer network was infected with a virus. MedStar decided to shut down “all system interfaces to...
Another potentially serious and widespread vulnerability was announced last week. The DROWN vulnerability was discovered jointly by several universities and Google and is specific to the legacy SSLv2 protocol. Even though clients may never use...
A new GNU C library vulnerability was announced a couple of weeks ago and exposes a critical flaw affecting almost all Linux machines. Discovered independently by Google and Red Hat, the flaw is described as...
