Certificates and Inherit Trust

By |September 23rd, 2018|Categories: Articles|Tags: , , , |

On the Octopus Blog, we’ve delved quite a bit into the vulnerabilities of contemporary encryption standards. The system of Public Key Infrastructure (PKI) which forms the basis of most of the worlds authentication platforms, while presenting a powerful, easy to use encryption model, still left several holes through which attackers can breach networks and steal identities. Perhaps the single biggest problem [...]

Practice What you Preach – IT’s Achilles Heel

By |September 17th, 2018|Categories: Articles|Tags: , |

Thus goes the old adage. Of all the fields we would expect the ‘experts’ to follow their own rules, data security would probably be it. With a growing list of high profile hacks caused by poor security practices, infosec professionals are well aware what’s at risk from being careless in this area. Unfortunately, the data suggests that even the pros are [...]

What a Government Security Audit Teaches us About Password Vulnerabilities

By |September 3rd, 2018|Categories: Articles|Tags: , |

Security firms and experts constantly encourage companies and organizations to enforce strong password policies to prevent the accounts of their employees and users from getting hacked. But what happens when an organization does enforce password policies? Employees knowingly find workarounds and continue to choose weak passwords that conform to those policies. At least that’s what a recent audit of 17 Western [...]

How to Secure the Health Industry

By |August 27th, 2018|Categories: Articles|Tags: , , |

Data breaches at healthcare organizations are some of the most critical security incidents. They put very damaging information at the disposal of cybercriminals and malicious actors. A slate of regulations in different jurisdictions classify health data as highly sensitive and penalize organizations that mishandle the information or fail to protect it against hackers. An example is the Health Insurance Portability and [...]

Private Keys Vulnerabilities to Side Channel Attacks

By |August 23rd, 2018|Categories: Articles|Tags: , |

The Public Key Infrastructure has been the staple of cryptography for over forty years. The simple and ingenious system introduced to the world of information technology the concept of “asymmetric” encryption; a way in which a message can be encrypted, but only unlocked by one particular user. While the public key is accessible to all and can be used to encrypt [...]

Navigating the NIST AIM Guidelines

By |August 16th, 2018|Categories: Articles|Tags: , |

  If the barrage of recent data breaches tells us anything, it’s that digital identity is the new battleground in information security. According to Symantec’s Internet Security Threat Report, 1.1 billion identities were stolen in 2016 alone. Armies of botnets are attempting to reuse and harvest stolen credentials in drive-by downloads or targeted phishing scams—all while we are still struggling with [...]

Reddit – Where CISO’s Go to Get Hacked

By |August 14th, 2018|Categories: Articles|Tags: , , |

Yet another major enterprise has fallen victim to insecure identity protocols. The social network giant Reddit reported earlier this month that hackers had succeeded in breaching the company’s databases, exposing both usernames and passwords. Although cybercriminals were not able to alter any of Reddit’s information or source code, the companies Chief Technology Officer Christopher Slowe, admitted the hack was a serious [...]

SamSam Ransomware: The Enemy of Weak Passwords

By |August 8th, 2018|Categories: Articles|Tags: , |

In recent years ransomware attacks have become a rampant threat. 2017 saw some of the most destructive waves of ransomware attacks across the world. The most notable of these attacks was the WannaCry outbreak in May, which infected hundreds of thousands of computers in more than 150 countries in the span of a few days. A month later, the NotPetya ransomware [...]

Before you Get a Physical Security Token – What you Need to Know

By |August 2nd, 2018|Categories: Articles|Tags: , , , , |

Last week Google announced that it will create its own physical universal second-factor authenticator that leverages the FIDO Alliance (Fast Identity Online). FIDO was designed to put an end to the tradeoff between fast, easy access on the one hand, and robust authentication security on the other. With the authentication scheme growing in popularity, several tech manufacturers like Yubico and Feitian [...]

Howdy,
Search exact
Search sentence
Buy Premium Version to add more powerful tools to this place. https://wpclever.net/downloads/wp-admin-smart-search