Meltdown and Spectre Cybersecurity Attacks

Hardware’s Burden: Meltdown and Spectre

Posted on Posted in Cyber Security, Embedded Software

While at a recent industry event I heard a senior military leader note their preference for hardware-based security because “software is hackable”.  The idea of hardware as an uncrackable vault was rocked by this month’s announcement of two major cybersecurity flaws in Intel chips, Meltdown and Spectre.  Meltdown and Spectre caused widespread panic and raised […]

NIST 800-63-3

Authentication Token Cybersecurity and NIST 800-63-3

Posted on Posted in Authentication, Cyber Security, identity and access management, mobile security

In June 2017, the National Institute of Standards and Technology (NIST) released its updated Digital Identity Guidelines in Special Publication 800-63-3.  The draft of this publication gained a lot of press in 2016 for highlighting the cybersecurity risks when using SMS for multi-factor authentication.  While the final version has not had as much focus, the […]

Ransomware and 3 Rays of Hope

Ransomware and 3 Rays of Hope

Posted on Posted in Cyber Security

This week we received news of another global ransomware attack that has reportedly affected FedEx, Rosneft, Moller-Maersk, and Merck.  This comes hot on the heels of last month’s WannaCry ransomware attack that affected 300,000 computers in 150 countries.  It seems these two attacks are linked because they both use the Server Message Block (SMB) protocol […]

Offline LINUX Repository

Does President Trump Want an Offline LINUX Repository?

Posted on Posted in Cyber Security, Embedded Software, Programming

On May 11th President Trump signed a Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure.  In that Executive Order the President stated that, “Known but unmitigated vulnerabilities are among the highest cybersecurity risks faced by executive departments and agencies.  Known vulnerabilities include using operating systems or hardware beyond the vendor’s […]