Troy Hunt Gets Phished
In case you need proof that anyone, even people who do cybersecurity for a living, Troy Hunt has a long,…
Security
Web 3.0 Requires Data Integrity
If you’ve ever taken a computer security class, you’ve probably learned about the three legs of computer security—confidentiality, integrity, and…
CrushFTP Security Alert: Actively Exploited Authentication Bypass Vulnerability! Patch Now!
CrushFTP users beware!! A severe authentication bypass vulnerability is exploited, endangering sensitive data and entire systems. This security flaw grants…
Rational Astrologies and Security
John Kelsey and I wrote a short paper for the Rossfest Festschrift: “Rational Astrologies and Security“: There is another non-security…
Cell Phone OPSEC for Border Crossings
I have heard stories of more aggressive interrogation of electronic devices at US border crossings. I know a lot about…
Standard SSL vs. Wildcard SSL Certificates: Which One to Choose for Your Website?
Securing your domain is a priority – whether you run a personal website, a business site, an e-commerce store, or…
Unsolved Challenge: Why API Access Control Vulnerabilities Remain a Major Security Risk
Despite advancements in API security, access control vulnerabilities, such as broken object-level authentication (BOLA) and broken function-level authentication (BFLA), remain…
The Signal Chat Leak and the NSA
US National Security Advisor Mike Waltz, who started the now-infamous group chat coordinating a US attack against the Yemen-based Houthis…
Eliminating Healthcare’s Cloud Security Gaps with Saner Cloud
Healthcare organizations rely on cloud environments to store and manage patient data, but security challenges and compliance requirements make protection…
Weekly Update 445
Presently sponsored by: Malwarebytes Browser Guard blocks phishing, ads, scams, and trackers for safer, faster browsing Well, this certainly isn’t…