A quick Saturday digest of cybersecurity news articles from other sources.Stand down from blue alert, it seems… but why not plan your cryptographic agility anyway?
There’s been a bit of a kerfuffle in the technology media over the past few days about whether the venerable ...
Continue Reading →A quick Saturday digest of cybersecurity news articles from other sources.This site, like millions of others, has a certificate from Let’s Encrypt. Farewell, Peter Eckersley, PhD, who helped make it all possible.
A quick Saturday digest of cybersecurity news articles from other sources.Original release date: June 22, 2022
Cybersecurity authorities from the United States, New Zealand, and the United Kingdom have released a joint Cybersecurity Information Sheet (CIS) on PowerShell. The CIS provides recommendations for proper configuration and monitoring of PowerShell, as opposed to removing or disabling it entirely due to its ...
Continue Reading →A quick Saturday digest of cybersecurity news articles from other sources.Hacking groups throughout the world are increasing their activities as a result of the Russian invasion of Ukraine on February 24, 2022. Some of these groups are supporting a particular side, while others simply want to take advantage of the resulting chaos.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a Continue Reading →
By Bob Weiss
If you missed Part 1 of this article, it can be found at last week’s post on May 5
When we use two or more cryptographic methods together, it is called Hybrid Cryptography. Common forms of Hybrid Cryptography included the creation and sharing of Symmetric session keys, through using Asymmetric Encryption.
Not all key exchange methods require using the PKI. Diffey-Helman, Oakley and other non-PKI key ...
Continue Reading →
By Bob Weiss
May the Force be with you! It’s May the fourth, Star Wars Day.
I received an email from a CASP+ Student asking for some help with encryption. This is what I sent.
Encryption can be a mind bender. And then like magic, it is not.
If you are up for some outside reading (what! More reading? Sorry) there are a couple of books that helped me
The Code Book, by Simon Singh
Crypto ...
Continue Reading →
A quick Saturday digest of cybersecurity news articles from other sources.I’m tired of virtual meetings, you’re tired of virtual meetings, we’re all tired of virtual meetings. It’s time to cut back on them. More…
The author had the privilege of interviewing Luke Wilson, Vice ...
Continue Reading →A quick Saturday digest of cybersecurity news articles from other sources.Are your network cables acting as undercover wireless transmitters? What can you do if they are?
A few posts from Bruce Schneier
[2021.09.22] The Washington Post reports that the FBI had a decryption ...
Continue Reading →A quick Saturday digest of cybersecurity news articles from other sources.Virtual private networks (VPNs) let remote employees securely connect to their companies’ networks. However, companies using Fortinet’s FortiOS SSL VPNs might be putting their networks at risk. Discover why using FortiOS SSL VPNs can be risky and what all companies need to do to ...
Continue Reading →A quick Saturday digest of cybersecurity news articles from other sources.Original release date: July 19, 2021
This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9, and MITRE D3FEND™ framework, version 0.9.2-BETA-3. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques and the D3FEND framework for referenced defensive tactics ...
Continue Reading →