3 Lessons Learned in Vulnerability Management
January 17 2023In 2022, multiple high-profile vulnerabilities like Log4j and OpenSSL provided important takeaways for future public reporting.
Read more3 Lessons Learned in Vulnerability Management
January 17 2023In 2022, multiple high-profile vulnerabilities like Log4j and OpenSSL provided important takeaways for future public reporting.
Read moreThe Dangers of Default Cloud Configurations
January 16 2023Default settings can leave blind spots but avoiding this issue can be done.
Read moreJava, .NET Developers Prone to More Frequent Vulnerabilities
January 16 2023About three-quarters of Java and .NET applications have vulnerabilities from the OWASP Top 10 list, while only 55% of JavaScript codebases have such flaws, according to testing data.
Read moreUpcoming Speaking Engagements
January 15 2023This is a current list of where and when I am scheduled to speak: I’m speaking at Capricon, a four-day science fiction convention in Chicago. My talk is on “The...
Read moreWhy Mean Time to Repair Is Not Always A Useful Security Metric
January 14 2023Analyzing and learning from incidents is the ideal path to finding more insightful data and metrics, according to the VOID report.
Read moreNorton LifeLock Warns on Password Manager Account Compromises
January 14 2023Password manager accounts may have, ironically, been compromised via simple credential stuffing, thanks to password reuse.
Read moreMalware Comes Standard With This Android TV Box on Amazon
January 14 2023The bargain T95 Android TV device was delivered with preinstalled malware, adding to a trend of Droid devices coming out-of-the-box tainted.
Read moreRhadamanthys spreads through Google Ads that redirect to bogus download sites for popular workforce software — as well as through more typical malicious emails.
Read more
Recent Comments