NIST Password Guidance Should Be Well-Received

NIST Password Guidance Should Be Well-Received

Many of us are creatures of habit, and changing our ways can be difficult. It is much easier to do so, however, when the new way is more convenient – not to mention more secure – than the old method. That’s just the case with the new password guidance from NIST, released in June. The [...]

The Cybersecurity Canon: Cybersecurity: Geopolitics, Law, and Policy

The Cybersecurity Canon: Cybersecurity: Geopolitics, Law, and Policy

We modeled the Cybersecurity Canon after the Baseball or Rock & Roll Hall-of-Fame, except for cybersecurity books. We have more than 25 books on the initial candidate list, but we are soliciting help from the cybersecurity community to increase the number to be much more than that. Please write a review and nominate your favorite.  The Cybersecurity Canon [...]

Updated KHRAT Malware Used in Cambodia Attacks

Updated KHRAT Malware Used in Cambodia Attacks

Introduction Unit 42 recently observed activity involving the Remote Access Trojan KHRAT used by threat actors to target the citizens of Cambodia. So called because the Command and Control (C2) infrastructure from previous variants of the malware was located in Cambodia, as discussed by Roland Dela Paz at Forecpoint here, KHRAT is a Trojan that registers [...]