In-brief: Beset by a plunging share price, class action lawsuits in dozens of states, pending Congressional hearings and a FTC investigation, Equifax on Wednesday finally settled speculation and named a six month old hole in a common software platform, Apache Struts, as the cause of a massive hack.
In-brief: Russian hackers aren’t the biggest threat to the security and integrity of elections says Bev Harris of Black Box Voting. Instead, it’s a more common enemy: run of the mill political corruption, mostly at the local level. Also: Eric Hodge of CyberScout talks about the challenges of helping states secure their election systems. Problem number one: recalcitrant voting machine makers.
In-brief: Companies like Microsoft and Google have both unveiled initiatives that de-emphasize the traditional, static, alpha-numeric password in recent days. So is the password going the way of the horse and buggy? Don’t be so sure, says Robert Capps of the firm NuData. Capps thinks that passwords will be with us for the foreseeable future and that companies concerned about security need to do more than just find a more secure way to log-in.
In-brief: companies that want to make life difficult for cyber criminals can start by moving valuable data off the front lines and finding ways to use less valuable information to verify the identity of their customers, writes Keir Breitenfeld, who works for Experian’s Fraud & Identity Solutions group.
In-brief: Experian Vice President of Data Breach Resolution tells The Security Ledger that tax ID fraud linked to stolen W-2 forms is up 25% this year, just the latest trend in a long running problem securing tax returns from scammers. But what’s the solution?