On March 25th, Under Armour was made aware that they had an unauthorized party gain access and acquire data associated with 150 million MyFitnessPal user accounts. The information they could’ve gathered includes, but is not limited to, usernames, email addresses, and hashed passwords. What are hashed passwords? Hashed passwords, from a high level, happen when passwords are ran through a mathematical function to create an encrypted version and a message authentication code (MAC) of a plaintext password. In MyFitnessPal’s case, they used a bcrypt hashing function, the same type that was used by formerly hacked Ashley Madison. After the Ashley Madison hack, the entire database and all password hashes were made available to the hackers of the world and now they have the password hashes of MyFitnessPal too. What does this mean for those of you that have an account on MyFitnessPal?

Just after the New Year, on January 8th, Attorney General Josh Stein and Rep. Jason Saine proposed new legislation aiming to strengthen North Carolina’s laws around data breaches. The proposed law has many aspects that would make North Carolina residents very happy, but what affect will it have on North Carolina businesses?

Today, the risk of a security incident or data breach is higher than ever. Having an Incident Response Plan is crucial to maintaining a strong security posture so you can protect your business before, during and after an attack.

(Image via Reddit) It’s the holiday season and that means more people are traveling and spending time in airports, bus/train stations, and generally wondering if the next stop, coffee shop or store has free Wi-Fi. The habitual curiosity is understandable – why use your cell data when you can hook up to a free connection to the web, right? In fact, there’s always a couple of questions I seem to get on this subject when people find out I’m a security professional. They are: What do you think about public Wi-Fi? Is free Wi-Fi safe to use? Is it ok to use the Wi-Fi at the airport?

Ransomware has evolved. It now spreads on its own inside a network, from machine to machine, encrypting files and compromising hosts. With an estimated global cost of cyberattacks sitting at $400 billion per year, and ransomware being expected to remain at the forefront of these attacks, it’s important to know how ransomware works, who it targets, and how to protect your business with a multi-layered defense. Take a look inside ransomware with our partners at Cisco Security:

We all know that the threat landscape isn’t getting any easier to manage. Fact is, most organizations don’t have the resources or the time to carry-out the endless activities that could reduce their exposure. However, there are a few things you can do that will make the most impact. Our partners at Tenable helped us put together these 10 Steps to Effective Vulnerability Management.