Subscribe

Archive | Technology

Call to Microsoft to release information about MS17-010

After delaying the release of Windows updates, Microsoft mysteriously released a patch for a group of vulnerabilities addressed by MS17-010 after canceling Patch Tuesday in February.  This patch was released immediately before the release of a set of Windows exploits by the Shadow Brokers hacking group.  Although Shadow Brokers purports to have stolen these exploits […]

Corporate Business Impact of Newest Shadow Brokers Dump

Yesterday, the Shadow Brokers released the password for the encrypted zip file they seeded last year (link). This release gives threat intelligence teams unprecedented insight into the capabilities of the Equation Group Hackers.  The dump appears to contain only Linux and Unix tools and exploits, so organizations running only Windows don’t need to react to […]

In Your Face – Securing Digital Displays

On Monday, a large publicly visible art exhibit in Spain that normally shows projections of modern art displayed pornography for 45 minutes.  Per this story (in Spanish), the taxi drivers who viewed the porn while waiting for riders at a nearby train station were thrilled (pun definitely intended), but most people were understandably not happy.  The […]

Why is length > complexity? Because math…

I routinely work with people who argue that their 8 character passwords are secure because they force complexity requirements.  This simply isn’t true.   Picking a passphrase (or simply a much longer password is mathematically more secure.  Some smart person will point out that if I know all passwords consist of combinations of only dictionary […]