INSIGHTS, NEWS & DISCOVERIES
FROM IOACTIVE RESEARCHERS

Wednesday, June 28, 2017

WannaCry vs. Petya: Keys to Ransomware Effectiveness

By Daniel Miessler
With WannaCry and now Petya we’re beginning to see how and why the new strain of ransomware worms are evolving and growing far more effective than previous versions.

Wednesday, June 14, 2017

APIs are 2FA Backdoors

By Daniel Miessler
Two-factor Authentication (2FA) today is something like having a firewall in the year 2000: if you say you have it, it basically stops any further questioning.

Unfortunately, when you have a powerful and mismanaged API, 2FA is about as effective as having a stateful firewall protecting a broken web application.