Even with security flaws, you should be using a password manager

Even with security flaws, you should be using a password manager

Yesterday, the Washington Post ran an article about some important security research on password managers, describing a number of serious vulnerabilities in some of the most popular products in this space. However, ...

Has Technology Improved or Destroyed Business Security?

Technology has tremendously affected how businesses operate. There is no denying the fact that these modern advancements provide substantial benefits that enabled even the smallest enterprises to compete on a global scale ...

Inner Circle Podcast Episode 021 – Wendy Nather Talks about the Value of Zero Trust Security

I was honored to have Wendy Nather, head of advisory CISOs for Duo Security–now part of Cisco, join me as my guest for this episode of the Inner Circle podcast. Wendy is ...
The GoDaddy Hole or Exploiting The Insecurity Event Horizon

The GoDaddy Hole or Exploiting The Insecurity Event Horizon

Via the inimitable Brian Krebs, writing at Krebs On Security, comes further reportage detailing the continued authentication-flaw-exploitation of the GoDaddy, Inc. (NYSE: GDDY) Hole - a seemingly irrepairable flaw in their Registrar ...
Preventing Security Breaches Within Company Search Applications

Preventing Security Breaches Within Company Search Applications

Far too many organizations found their names in headlines during the first month of 2019. Many came after a security researcher discovered a trove of Elasticsearch database misconfigurations that left data exposed ...
Security Boulevard
2

What does your password say about you?

Using what we security experts call “crappy passwords” can be the first step in a journey to identity theft and all of its attendant miseries. If you are using Google Chrome to ...
Rey is in the Ahch-To Pit looking at a broken mirror.

Cave of Broken Mirrors: 3 Issues with AWS Cognito

Secure Ideas is currently working on a revamp and redesign of our website and client portal, to promote a better user experience for our clients. Since a lot of our infrastructure is ...
Securing Government Data with NIST 800-53

Securing Government Data with NIST 800-53

If you have ever heard of the Federal Information Security Management Act, then you are aware of the work done by the National Institute of Standards and Technology. The goal of the ...

The FCC and Call Authentication

On a daily basis, many people receive automated machine calls, and importantly, more people are getting annoyed. The Federal Communications Commission (FCC) in the United States must have received and no doubt ...
Opinion: Back to the Start for 2FA Adoption?

Opinion: Back to the Start for 2FA Adoption?

In a previous post, Tripwire asked contributors what their most memorable event of 2018 was. As a follow-up, guest author Bob Covello expands on his thoughts about two-factor authentication (2FA). We in ...
Loading...