Traditional certificate-based S/MIME email encryption is “end-to-end.” Encryption and Decryption is done at the mail client level. This technique provides excellent confidentiality and authenticity since the emails are stored encrypted on the email server and clients. However, there are significant difficulties to S/MIME implemented at the mail client level. Private...
The landscape of email security is set to radically change in the next few years. The entire industry of email encryption and DLP was driven almost exclusively by privacy regulations enacted in the late 90’s and early 2000’s. It’s hard to believe we are almost 20 years removed, but are...
UPDATE 1/22/2018: Due to instabilities found in some Intel based servers operating with microcode patches, multiple vendors including VMware and Redhat Enterprise Linux have reverted their microcode patches. As a result, many servers will still be vulnerable to one version of the Spectre attack (CVE-2017-5715), even after updating their hypervisors...
According to a press release today, the North Carolina Department of Health and Human services (DHHS) is notifying affected individuals of a security incident where a spreadsheet containing personal information of about 6,000 people was accidentally sent via an unencrypted email. The spreadsheet contained names, social security numbers and drug...
One of the biggest vulnerabilities to a user’s private data is weak authentication mechanisms, most commonly weak passwords and poor password management requirements. Even when the traditional ‘strict’ password policies are enforced (8+ characters, alpha-numeric requirements, special character requirement, and password lifetimes), users often choose predictable and therefore easily crack-able...
On September 7th, Equifax announced that one of its web applications had a vulnerability that exposed the records of approximately 143 million American consumers from a period of mid-May through July 2017. The exposed information included extremely sensitive personally identifiable information (PII) such as “Social Security numbers, birth dates, addresses...
New York state has made history as the first state to enact a set of cybersecurity regulations for all entities who do business with the state. The regulations that first took effect in March this year (23 NYCRR Part 500) are now mandatory starting August 28th. These regulations now require...
The news of law firm giant DLA Piper being nearly crippled by the latest ‘Petya’ Ransomware attack is sending shock waves through the legal community. Historically slow to adopt new technologies especially in the arena of internet security, this may be the wake-up call the community needs to evaluate the...
Coming of the heels of the ”WannaCry” ransom-ware attack just last month, we saw yet another example of how a simple virus can disrupt business and wreak havoc world-wide: A computer virus wreaked havoc on firms around the globe on Wednesday as it spread to more than 60 countries, disrupting...
The so-called ‘WannaCry’ ransomware attack was unleashed on Friday, and is said to have hit more than 100,000 organizations in 150 countries, according to Europol. The malware, which locks files and asks for payment to unlock them, hit businesses and institutions across the world, including shipper FedEx, train systems in...
Copyright © 2021 GlobalCerts LLC, All Rights Reserved Site Map | Privacy Policy | Legal Disclaimer