Email Security and Static Passwords

This week on Hacker And The Fed we offer updates on the MOVEit and MGM Resorts hacks, the US State Department has no idea if its IT security actually works, the Senate's email system melts down in the face of a security test, Cisco can't stop using static passwords, and we answer listener questions about Single Sign-on, circumventing company IT rules, and LinkedIn profiles.

Links from the episode:

MOVEit Maker Announces New Critical Vulnerability Affecting a Different File Transfer Tool

https://therecord.media/progress-new-file-transfer-vulnerability

MGM Resorts Hack Update

https://x.com/brettforrest89/status/1711885567695433765

US State Dept has No Idea if its IT Security Actually Works, Say Auditors

https://www.theregister.com/2023/10/02/us_state_security_gao/

https://endoflife.date/windows

The Senate’s Email System Melted Down in the Face of Security Test

https://www.politico.com/minutes/congress/09-8-2023/senate-reply-all-mess/

Cisco Can't Stop Using Static Passwords

https://www.schneier.com/blog/archives/2023/10/cisco-cant-stop-using-hard-coded-passwords.html

Support our sponsors:

Get your Hacker and the Fed merchandise at hackerandthefed.com

Send HATF your questions at questions@hackerandthefed.com