Adobe Product Security Team Accidentally Leaks PGP Private Key

September 26, 2017 / by Fornetix

Adobe's Product Security Incident Response Team (PSIRT) accidentally posted their private key to the internet allowing anyone with access to either side of a conversation with the PSIRT to be able to decrypt the messages.  The Adobe security team was quick to revoke the PGP key, but it has left people with encrypted messages to Adobe in the clear.  How did it happen?

Read more

Equifax Breach: Making Sense of 'Identity' Theft

September 22, 2017 / by Steve Edwards

Equifax made news recently for being the victim of a hack; their systems were compromised and data was accessed by person(s) that weren’t authorized to have it. Unfortunately, this is not an uncommon occurrence these days. Hacks happen all the time, to companies both large and small. Individual hacks aren’t really noteworthy any more. But what is particularly noteworthy about this incident is the data that was accessed: the personal (and supposed-to-be private) information of roughly half of the US population.

Read more

Forced Features: Why Unwanted Upgrades Are Bad Security

September 15, 2017 / by Fornetix

The Telephonic Treatment

Like most people who own one, we love our smartphones.  We love that we can use Activator to keep my phone from automatically playing music, even over Bluetooth.  We love that we can select text and move the cursor without leaving the keyboard.  We love having five icons on the dock, speeding up the OS’s animations, and running a terminal session on my phone.

What we don’t love is running an old version of the OS so we don’t lose our jailbreak, and thus, all the above features.

Read more

Data Breach Hits HBO: How Do We End This?

July 31, 2017 / by Fornetix

Today, HBO announced publicly that they have experienced a “cyber incident which resulted in the compromise of proprietary information.” Like many other companies, HBO also stated that “data protection is a top priority” and yet we have seen a common theme that has become more prevalent in recent years. Large companies have trouble protecting their data.

Read more

Amazon S3: Don't Kick the Bucket, Do Something About It

July 20, 2017 / by Chuck White

Over the past several weeks we’ve seen three newsworthy stories where sensitive information finds its way onto Amazon's S3 cloud storage service: NGA, WWE, and Verizon.

Read more

Poor Information Security Practices Lead to Massive Data Leak

June 20, 2017 / by Fornetix

A Republican National Committee data analytics firm, Deep Root Analytics, disclosed that as many as 198 million U.S. citizens’ names, dates of birth, home addresses, phone numbers, and other identifiable information were exposed to the internet due to a database misconfiguration. Many firms are hastily moving to the cloud without fully understanding the security implications of doing so. By rolling new cloud implementations, data collection and analysis problems become simpler tasks. However, without a proper security framework around it, data is accessible to the internet and more likely to be retrieved.

Read more

Guest Post: The Whos and Whats of WannaCry

June 08, 2017 / by Fornetix

Perry Holdsworth, our Sales & Marketing intern at Fornetix, gives us a primer on the recent WannaCry ransomware attack that has wreaked havoc on global networks.

Read more

Fornetix Joins the VMware Technology Alliance Partner Program

June 05, 2017 / by Fornetix

Fornetix® today announced it has joined the VMware Technology Alliance Partner (TAP) program as an Elite level partner. Members of the TAP program collaborate with VMware to deliver innovative solutions for virtualization and cloud computing. The diversity and depth of the TAP ecosystem provides customers with the flexibility to choose a partner with the right expertise to satisfy their unique needs.

Read more

The Critical Need for Key Management Beyond Storage

June 02, 2017 / by Chuck White

The need for Key Management beyond storage is effectively the need to provide security controls that reduce risk when authority is separated from responsibility. The published leak of National Geospatial Agency data onto Amazon S3 by a defense contractor shines a spotlight on both the problem and the solution.

Read more

A Primer on FIPS 140-2 Certifications

May 25, 2017 / by Fornetix

Last week, Fornetix attended the International Cryptographic Module Conference outside of Washington D.C. A recurring topic of interest to those in attendance was FIPS 140-2. There were a lot of questions around the topic, so we thought it beneficial to explain the basics of FIPS 140-2 certifications.

Read more
1 2 3
Page 3 of 3

Subscribe to Email Updates

Recent Posts