Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

You may have noticed that some things have started to look a little different at 1Password. Over the next few weeks, we’ll continue to roll out new elements of our brand across our website, advertising, social channels, and more. And yes, while we’ve made some visual changes to the way we express our brand, we’re still the same 1Password. The values, goals, and ethos of 1Password are the same today as they were years ago.

Risk used to be a word thrown around as if it could be defined generally and, once defined, consistently applied to all business and technology use cases. This didn’t work out so well for customers, CISO’s, or vendors. Risk was a “four-letter-word” and it fell out of common use.

The Office of Inspector General (OIG) recently evaluated the Department of Commerce’s (DOC) cybersecurity program, uncovering critical failures that exposed the DOC to potential risks. Specific issues included the use of default passwords for administrative accounts, compromising over 100,000 pieces of personal identifiable information (PII).

Three Nigerian nationals face charges in a US federal court related to a business email compromise (BEC) scam that is said to have stolen more than US $6 million from victims. 29-year-old Kosi Goodness Simon-Ebo was extradited from Canada to the United States earlier this month, according to a Department of Justice press release, and will appear before a federal court on Friday. Two of Simon-Ebo's alleged conspirators, James Junior Aliyu, 28, and 31-year-old Henry Onyedikachi Echefu.

Multinational payment processing firm Nexway has been rapped across the knuckles by the US authorities, who claim that the firm knowingly processed fraudulent credit card payments on behalf of tech support scammers. A Federal Trade Commission (FTC) complaint argues that Nexway and its subsidiaries broke the law by helping scammers cheat money from unsuspecting consumers.

We’ve entered Week #3 of National Supply Chain Integrity Month, an initiative that CISA and other government agencies started to highlight the importance of securing our nation’s most critical systems and ensuring they stay resilient. For Weeks #1 and #2, I wrote about maturing your third-party risk management program and securing the small business supply chain.