Why We’re Getting Vulnerability Management Wrong
June 24 2022
Security is wasting time and resources patching low or no risk bugs. In this post, we examine why security practitioners need to rethink vulnerability management.
Researchers thaw squid frozen into a cube and often make interesting discoveries. (Okay, this is a weird story.) As usual, you can also use this squid post to talk about...
CISA tells organizations running VMware servers without Log4Shell mitigations to assume compromise.
A new study says 97% of open source vulnerabilities linked to software supply chain risks are not attackable — but is "attackability" the best method for prioritizing bugs?
Fortunately, it's not a major bugfix, which means it's easy to patch and can teach us all some useful lessons.
Continuous monitoring is key to keeping up with software-as-a-service changes, but that's not all you'll need to get better visibility into your SaaS security.
We have a tech innovation problem, not a staff retention (or recruitment) problem.
Analysts say an 18% drop in ransomware attacks seen in May is likely fleeting, as Conti actors regroup.
Earlier this month, I and others wrote a letter to Congress, basically saying that cryptocurrencies are a complete and total disaster, and urging them to regulate the space....