EPA Ignores Experts Setting Password Security Policy

In case you missed it, EPA is yet again changing it's password requirements. This attempt to strengthen security will ultimately reduce security.

As noted security expert Bruce Schneier notes, the National Institutes of Standards and Technology (NIST) recently published its four-volume SP800-63b Digital Identity Guidelines. As Bruce notes, the document "makes three important suggestions when it comes to passwords:

Read More

Beware: Computer "Ransomware" Impersonates OPM

According to Phishme and Fedscoop, there's a new piece of computer Malware that can infect your computer that appears to come from the U.S. Office of Personnel Management. According to Phishme, the thieves send an email to unsuspecting users "that cite[s] the purported detection of 'suspicious movements' in the victim’s bank account that were detected by the US Office of Personnel Management." The emails ask the recipient to "examine the attached scanned record," which is a file that, if opened, infects the recipients computer.

The Malware, dubbed "ransomware,"....

Read More