Posted by SecurityArchitecture on Sunday, December 20, 2020
Software vendors, like other types of organizations, may in fact be worthy of customers’ trust, but it is at least a semantic mistake for any buyer to say they trust software.
Posted by SecurityArchitecture on Saturday, February 4, 2017
Perhaps harder to understand is why so many of these emails make it through to their recipients, whether or not the recipients actually fall for the scam.
Posted by SecurityArchitecture on Sunday, October 2, 2016
In light of news reports that company executives did little to strengthen cyber-defenses, the group that seems most overlooked in the aftermath of the breach is Yahoo! customers.
Posted by SecurityArchitecture on Saturday, July 30, 2016
A brief examination of relevant U.S. laws suggests that Trump is at the very least encouraging action that violates U.S. law, because computer hacking generally (whether perpetrated by domestic or foreign actors) is illegal.
Posted by SecurityArchitecture on Wednesday, April 13, 2016
Mossack Fonseca failed to understand even basic information security and privacy principles and lacked the IT management skills or oversight necessary to ensure that they were adequately protecting their own and their clients’ information.
Posted by SecurityArchitecture on Wednesday, April 6, 2016
Attackers who find vulnerable servers can deploy ransomware without any action on the part of users in the targeted organization.
Posted by SecurityArchitecture on Wednesday, November 25, 2015
My notification letter arrived on November 23, 137 days after the public announcement and approximately 200 days after OPM says it discovered the incident.