NIST 800-63-3

Authentication Token Cybersecurity and NIST 800-63-3

Posted on Posted in Authentication, Cyber Security, identity and access management, mobile security

In June 2017, the National Institute of Standards and Technology (NIST) released its updated Digital Identity Guidelines in Special Publication 800-63-3.  The draft of this publication gained a lot of press in 2016 for highlighting the cybersecurity risks when using SMS for multi-factor authentication.  While the final version has not had as much focus, the […]

3 Ways Blockchain Can Improve PKI

3 Ways Blockchain Can Improve PKI

Posted on Posted in Uncategorized

3 Ways Blockchain Can Improve PKI When it comes to technology buzzwords there are few bigger than blockchain.  Speak with any overexcited technologist and you will get an hour lecture about how it is the future of secure transactions.  The benefits of blockchain technology are that it is public, distributed, and tamper-resistant.  Indeed blockchain technology […]

Ransomware and 3 Rays of Hope

Ransomware and 3 Rays of Hope

Posted on Posted in Cyber Security

This week we received news of another global ransomware attack that has reportedly affected FedEx, Rosneft, Moller-Maersk, and Merck.  This comes hot on the heels of last month’s WannaCry ransomware attack that affected 300,000 computers in 150 countries.  It seems these two attacks are linked because they both use the Server Message Block (SMB) protocol […]

Mental Hypervisors

Mental Hypervisors and Hardware Cybersecurity

Posted on Posted in Uncategorized

Forbes Magazine had an interesting article last month about security vulnerabilities in home security products from SimpliSafe, Samsung, Comcast and others.  The author highlighted the usual vulnerabilities including default passwords and unencrypted signaling, but, there was one quote that I found particularly interesting. When quoting the security expert Dr Andrew Zonenberg the author wrote “SimpliSafe […]