On Microsoft’s Lousy Cloud Security
ProPublica has a scoop: In late 2024, the federal government’s cybersecurity evaluators rendered a troubling verdict on one of Microsoft’s…
Security
VMC Certificate for E-Commerce: Reducing Cart Abandonment Through Inbox Trust
E-commerce brands lose billions every year to cart abandonment, but not all of that loss happens at checkout. A significant…
Python Supply-Chain Compromise
This is news: A malicious supply chain compromise has been identified in the Python Package Index package litellm version 1.82.8.…
Cybersecurity in the Age of Instant Software
AI is rapidly changing how software is written, deployed, and used. Trends point to a future where AIs can write…
Analyzing the TrueConf Zero-Day Exploit in Southeast Asian Cyber Attacks
Cybercriminals are increasingly exploiting trusted enterprise collaboration platforms through supply-chain style attacks, with a newly discovered zero-day vulnerability in the…
Hong Kong Police Can Force You to Reveal Your Encryption Keys
According to a new law, the Hong Kong police can demand that you reveal the encryption keys protecting your computer,…
Weekly Update 498
Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite…
New Mexico’s Meta Ruling and Encryption
Mike Masnick points out that the recent New Mexico court ruling against Meta has some bad implications for end-to-end encryption,…
Google Wants to Transition to Post-Quantum Cryptography by 2029
Google says that it will fully transition to post-quantum cryptography by 2029. I think this is a good move, not…
Friday Squid Blogging: Jurassic Fish Chokes on Squid
Here’s a fossil of a 150-million year old fish that choked to death on a belemnite rostrum: the hard, internal…