How paranoid should you be when you want to devise methods of defending passwords? If someone accesses your computer (with malware or otherwise) and can now read off the RAM it is possible to read the password manager stream of data as it comes off/or on. So what is the best way to handle passwords? … Read more
So what has happened that I want to make another post about “Cybersecurity News”? Microsoft states they will implement the new CCPA (California Consumer Privacy Act) across the nation by January 1, 2020 https://blogs.microsoft.com/on-the-issues/2019/11/11/microsoft-california-privacy-rights/ November 11) 68000 patients of Methodist hospital impacted by Phishing attack (By HIPAA Journal) (October 17) https://www.hipaajournal.com/68000-patients-of-methodist-hospitals-impacted-by-phishing-attack/ Domain Registrar Network Solutions … Read more
On October 16 Web.com, Networksolutions.com, and register.com had a breach, and as of Nov2nd there is no mention of anything like a breach on their website (web.com owns the others) The breach information was obtained from the always useful Krebsonsecurity.com site. So what happens when your website’s registrar was hacked? It likely means all … Read more
https://www.zdnet.com/article/halloween-scare-google-discloses-chrome-zero-day-exploited-in-the-wild/ ZDNet points out that Google Chrome has a Zero-day vulnerability – which means you cannot patch or fix your Chrome Browser. The above image is from a Mac Chrome browser, thus I want to make sure you know any Chrome browser (including on Android or IPhone as well). I have discussed Zero-Day vulnerabilities before … Read more
A new Secure Software Requirements and Assessment Procedures was released v1.0 on Jan 2019. So if you are developing software for the Payment card industry either for an application on a website or for a retail location you have a new framework and software requirements standard. Developing software to capture credit card information (and use … Read more
