Tracking CVE-2024-2876: Why does the latest WordPress exploit compromise over 90,000 websites?
A highly concerning security loophole was recently discovered in a WordPress plugin called “Email Subscribers by Icegram Express,” a popular…
Security
New Lawsuit Attempting to Make Adversarial Interoperability Legal
Lots of complicated details here: too many for me to summarize well. It involves an obscure Section 230 provision—and an…
Friday Squid Blogging: Squid Purses
Squid-shaped purses for sale. As usual, you can also use this squid post to talk about the security stories in…
My TED Talks
I have spoken at several TED conferences over the years. TEDxPSU 2010: “Reconceptualizing Security” TEDxCambridge 2013: “The Battle for Power…
Pay up, or else? – Week in security with Tony Anscombe
Organizations that fall victim to a ransomware attack are often caught between a rock and a hard place, grappling with…
Rare Interviews with Enigma Cryptanalyst Marian Rejewski
The Polish Embassy has posted a series of short interview segments with Marian Rejewski, the first person to crack the…
Weekly Update 398
Presently sponsored by: Kolide believes that maintaining endpoint security shouldn’t mean compromising employee privacy. Check out our manifesto: Honest Security.…
The UK Bans Default Passwords
The UK is the first country to ban default passwords on IoT devices. On Monday, the United Kingdom became the…
Don’t have a Modern Antivirus? Learn why you shouldn’t be taking this risk!
20 years ago, antivirus softwares were primarily focused on generic trojan viruses and malware while also boosting system… The post…
Adding insult to injury: crypto recovery scams
Once your crypto has been stolen, it is extremely difficult to get back – be wary of fake promises to…