Using a risk model based on security statistics is a valid and useful approach to defending against cyber attacks. A company can decide that if one type of attack is affecting a large percentage of companies, then chances are, they may be next. The company can take steps to defend against that attack. However, sometimes past statistics are not enough and can be … [Read more...]
Cisco Cooks Up Bad Passwords by Forgetting to Salt Their Hashes
Earlier this week, Cisco released a security alert describing a weakness in one of the password encryption algorithms they use on certain Cisco IOS and IOS XE devices. Devices that store user credentials tend to use hash algorithms to encrypt plaintext passwords, making it more difficult for attackers to recover those passwords if they somehow gain access t0 the hashed … [Read more...]
WatchGuard Security Week in Review: Episode 21
Huge Linkedin Password Leak, Flame Updates, and Microsoft Patch Day Need a quick video summary of the biggest security stories of the week? Well, you've come to the right place. This week's news includes interesting new analysis of the Flame worm, a major Linkedin password leak, and some information about new software updates, including Microsoft's upcoming Patch day. Check … [Read more...]