If you haven't properly addressed the issue, you're already behind. But even if you've had a false start, it's never too late to get back up.
Read moreIf you haven't properly addressed the issue, you're already behind. But even if you've had a false start, it's never too late to get back up.
Read moreI did not attend WEIS this year, but Ross Anderson was there and liveblogged all the talks.
Read moreMost of those surveyed are concerned about AI-based attacks and deepfakes, but suggest that their organization is ready.
Read moreWhy We’re Getting Vulnerability Management Wrong
June 24 2022Security is wasting time and resources patching low or no risk bugs. In this post, we examine why security practitioners need to rethink vulnerability management.
Read moreFriday Squid Blogging: Squid Cubes
June 24 2022Researchers thaw squid frozen into a cube and often make interesting discoveries. (Okay, this is a weird story.) As usual, you can also use this squid post to talk about...
Read moreAPT Groups Swarming on VMware Servers with Log4Shell
June 24 2022CISA tells organizations running VMware servers without Log4Shell mitigations to assume compromise.
Read moreAPT Groups Swarming on VMware Servers with Log4Shell
June 24 2022CISA tells organizations running VMware servers without Log4Shell mitigations to assume compromise.
Read moreA new study says 97% of open source vulnerabilities linked to software supply chain risks are not attackable — but is "attackability" the best method for prioritizing bugs?
Read moreOpenSSL issues a bugfix for the previous bugfix
June 24 2022Fortunately, it's not a major bugfix, which means it's easy to patch and can teach us all some useful lessons.
Read more
Recent Comments