After Ransomware Hit Should You Pay Up?

I found this article at Technewsworld : Experts Weigh In on Refusing or Paying After a Ransomware Attack So Ransomware happened… (let’s not worry how or why for now). Now what do you do?  Contact your lawyer? Cyberinsurance? I supposed you do want to know how it happened to make sure you can at least remove … Read more

Better password policy: Complex? or longer passwords?

What is the better password policy? A longer password like NIST 800-53 says?   Key NIST password guidelines Minimum length of 8 characters and maximum length of at least 64 characters if chosen by the user. Allow usage of ASCII characters (including space) and Unicode characters. Check prospective passwords against a list that contains values … Read more

Patch Tuesday: Zero-day Vulnerability Fixes

Yes it was Patch Tuesday July9th (yesterday). This means Krebsonsecurity had a post describing all the action: The first Microsoft zero-day this month is CVE-2024-38080, a bug in the Windows Hyper-V component that affects Windows 11 and Windows Server 2022 systems. CVE-2024-38080 allows an attacker to increase their account privileges on a Windows machine. Although … Read more