PCI DSS v4.0: What You Need to Know and What the End of v3.2.1 Means for the Future of Digital Payments
On March 31st, 2024, The Payments Card Industry Standards Security Council (PCI SSC) officially retired version 3.2.1 of the PCI…
Security
Recovering Public Keys from Signatures
Interesting summary of various ways to derive the public key from digitally signed files. Normally, with a signature scheme, you…
Critical Vulnerabilities Found in VMware vCenter Server and Cloud Foundation
A recent surge of critical remote code execution (RCE) vulnerabilities has been discovered in VMware vCenter Server and Cloud Foundation…
Hacktivism is evolving – and that could be bad news for organizations everywhere
Hacktivism is nothing new, but the increasingly fuzzy lines between traditional hacktivism and state-backed operations make it a more potent…
New Blog Moderation Policy
There has been a lot of toxicity in the comments section of this blog. Recently, we’re having to delete more…
The Hacking of Culture and the Creation of Socio-Technical Debt
Culture is increasingly mediated through algorithms. These algorithms have splintered the organization of culture, a result of states and tech…
Love Gone Wrong: Are You Protected Against Online Dating Scams?
Have you heard about online dating scams? In the vast digital landscape of online romance, scams are a… The post…
Rethinking Democracy for the Age of AI
There is a lot written about technology’s threats to democracy. Polarization. Artificial intelligence. The concentration of wealth and power. I…
Zero-Day Marketplace Explained: How Zerodium, BugTraq, and Fear contributed to the Rise of the Zero-Day Vulnerability Black Market
Whenever a company is notified about or discovers a critical flaw in their system/application that has the potential to be…
Using LLMs to Exploit Vulnerabilities
Interesting research: “Teams of LLM Agents can Exploit Zero-Day Vulnerabilities.” Abstract: LLM agents have become increasingly sophisticated, especially in the…