Blog

MFA for OAuth?

This post includes a brief overview of the history and security risks of Open Banking, describes how Cloudentity’s MicroPerimeter™ Security with CIAM can support your Open Banking initiatives, and provides access to free trial software so that you can try it for yourself. One of the biggest challenges facing enterprises or companies that want...

Hacking the Provider: 14 Million Hostinger Accounts Exposed

Web hosting provider Hostinger alerted customers to unauthorized activity that gave someone (unknown) access to an API that contained 14 million customer usernames, email addresses, and passwords scrambled with the SHA-1 algorithm (which is more susceptible to a rainbow table attack and has been deprecated for a few years now). Credit is due to Hostinger...

Docker and MicroPerimeter Edge Standalone

Docker makes it amazingly easy to build and deploy services. If you’re not ready to commit to Kubernetes, there is a way to run your Docker containers with full security and policy management – deploy your container into a MicroPerimeter™ Edge network. In a very simplified view, you deploy MicroPerimeter™ Edge in Standalone mode on...

90,000 German MasterCard Customers Data Posted in Breach

GDPR will definitely bite MasterCard on a breach of 90,000 German customers' data, including names, addresses and partial credit card numbers. And there are reports of an additional, unidentified list circulating with full credit card numbers. As with other recent breaches, it appears a third-party vendor was trusted with the data, and then proceeded to...

Cloud Hybrid is the new normal 

There are many ways to describe the different ways organizations use cloud computing, but “cloud hybrid” is quickly becoming the de facto standard. In Ofer Schreiber’s article “Why leading cyber-executives see massive potential in securing hybrid clouds,” he describes cloud-hybrid as “huge sprawl across multiple cloud providers, across multiple cloud accounts that need to be accounted for and properly...

Securing Elections Infrastructure

It seems there is some sort of data breach or hack every day; sometimes the hack is as simple as finding an open database, sometimes it’s a phishing attack, sometimes it’s getting into a network through an IoT device like a printer or even a thermostat. As we enter the era of electronic voting machines,...

Breach: Unsecured Mongo database exposes 700,000 Choice Hotels

Choice Hotels' vendor had left open an unsecured MongoDB connection to a database containing 700,000 guests' information, including full names, addresses, phone numbers and email addresses. The hotel chain includes the brands Comfort, Sleep Inn, Quality Inn, Clarion, Econo Lodge, Rodeway Inn and many more. As with yesterday's Biostar 2 Breach, developers didn't consider the http...

Biostar 2 Breach: Fingerprints and Facial Recognition available on open API

A huge security hole exposed fingerprints of over 1 million people along with facial recognition information, unencrypted usernames and passwords, and employment details from Biostar 2, a biometric security platform made by South Korea-based Suprema Inc. that manages building access and physical security for thousands of companies worldwide. vpnMentor, a security test company, was...

StockX “System Update” Revealed to be a Breach

First StockX forced a password reset, telling customers it was due to a system update; now it turns out that not only were over 6 million user records exposed, but that data is for sale by hackers. Online shoe reseller StockX abruptly forced all users to reset their passwords a couple of weeks ago, saying it...

Pitfalls of Modern Election Systems

Democracy requires participation where everyone should be able to stand up and be counted. New technology for voter registration and election management is about making it easier to participate while maintaining integrity, but anyone with a healthy sense of skepticism knows the more complicated we make systems, the more opportunity there is for mistakes to creep...

Cloudentity and NYDFS

We’ve all heard a lot about GDPR, but if you’re in the Financial Services industry, you’re probably aware of NYDFS compliance. NYDFS is actually the regulatory body (New York State Department of Financial Services) and in particular we’re concerned about the NYDFS Cybersecurity Regulation. The regulation is "designed to promote the protection of customer information...

2019 CafePress breach exposes 23 million users… What did we learn?

This post looks back at the CafePress data breach of 2019, the compromised user data, how CafePress handled the breach, the resulting fall-out, and how consumers and companies can protect themselves from future hacks. About the CafePress data breach: CafePress is a popular custom T-shirt and merchandise online retailer that was hacked, exposing the email...