worst practices
Vulnerability management – we’re doing it wrong
Security professionals (and the people who measure our performance like auditors and regulators) have traditionally taken a stance that “all serious vulnerabilities should be patched” ...
Another killer woodpecker
Way back in 1977, a computer scientist from the University of Nebraska coined “Weinberg’s law:” If builders built buildings the way programmers wrote programs, then ...
It’s official… SMS is not a security tool
Using SMS as a second factor for authentication has always been a bit iffy, due to the risk of “SIM swapping” attacks. However, many people ...
Are passwords really the best we can do?
So by now, you have seen the news stories about the doofus hackers who are breaking into Ring cameras and scaring kids. And it turns ...
Is Business Email Compromise a “cyber attack?”
Just what constitutes a cyber attack? That’s the question facing a court in a case brought against insurer AIG. One of the firm’s clients was ...
Bad biometrics: Samsung’s new S10 phone
When biometrics work properly, they can provide you with an easy to use security solution with a reasonable level of ...
