Certifying Digital Court Records - Digital Planning Podcast
German Entities Targeted with PowerShell RAT - Threat actors are actively targeting German entities with custom PowerShell payloads to gather information about the ongoing conflict between Russia and Ukraine. The malicious...more
In CosmoKey Solutions GMBH & Co. KG v. Duo Security LLC, the Federal Circuit held that an improved method for overcoming computer hacking by turning on and off the authentication process was patent eligible. The court held...more
FinCEN Director Kenneth A. Blanco delivered prepared remarks on September 24 at the 2019 Federal Identity (FedID) Forum and Exposition in Tampa, Florida. Director Blanco summarized the topics of his remarks by stating the...more
The headlines of hacking incidents against counties, cities and towns are racking up like the retail space was several years ago. The hackers have targeted state and municipalities to wreak their havoc. This week, Orange...more
I came across an article last week that indicated there was a successful attack on Microsoft’s Office 365 and Google’s G Suite environments that was able to bypass multi-factor authentication (MFA). However, after reading the...more
Until recently, hackers have had limited success stealing Two-Factor Authentication (2FA) PIN and token information. Unfortunately, a tool has been released that will now make it much easier for practically any bad actor to...more
Sometimes I feel like I’m the Grinch at a party when I talk shop about the latest massive data breach or horrible hacker story that is in the news. We say things like, “it’s not if, but when” there will be another data...more
Darkreading.com has issued a survey entitled Monetizing the Insider: The Growing Symbiosis of Insiders and the Dark Web, which states that malicious insiders are responsible for 27 percent of all cybercrime. This statistic...more
Many consumers, and many employees, have dozens of passwords for access to different systems, services, networks, device, and terminals. From a corporate perspective, many companies have at least two policies that impact...more
According to myth, vampires can only enter your home if you let them in. Hackers, the vampires of cyber-world, are out there, waiting for you to ‘invite’ them in so they may feed on your private information. There is no...more
If you clicked on this post, that means you probably fall into one of two categories. Category 1: You are really tired of having to come up with – and remember – increasingly more complicated passwords, only to then be asked...more
“Defense in depth” refers to employing multiple layers of security that makes it more difficult for cyber hackers to gain access to sensitive plant control networks. These can include complex passwords, shorter password...more
Risk Management Question: Dual factor authentication greatly increases your online security, but it is no panacea. Dual factor authentication can be compromised through social engineering and phishing exploits. What can law...more
On August 11, 2017, the FTC released its third “Stick with Security” principle, which touched on the necessity of strong authentication practices. Secure passwords and fortified authentication practices make it that much...more
We've previously described and recommended the use of multi-factor (or two factor) authentication (2FA) on multiple occasions...more
Identity theft through social networking is on the rise. Hacked accounts may be used to impersonate you and potentially cause reputational harm, or may even link the hacker to your financial account information and...more
I love to train employees on data privacy and security. It tends to be rather entertaining as I can tell crazy stories about real life scenarios about data breaches or compromises. The stores are quite beneficial, as most...more
Businesses are increasingly falling victim to wire fraud scams – sometimes referred to as “man-in-the-email” or “business email compromise” scams. Although there are multiple variants, a common situation involves an attacker...more
On July 8, 2015, the Government Accountability Office (“GAO”) issued a report finding that agencies across the federal government continue to have shortcomings in preventing, detecting, and responding to cyber threats. The...more
Why it matters - The Federal Trade Commission (FTC) kicked off a new educational initiative to provide guidance to businesses in the area of data security. Based on the lessons learned from more than 50 of the agency's...more