Cell Phone OPSEC for Border Crossings
I have heard stories of more aggressive interrogation of electronic devices at US border crossings. I know a lot about…
Security
Standard SSL vs. Wildcard SSL Certificates: Which One to Choose for Your Website?
Securing your domain is a priority – whether you run a personal website, a business site, an e-commerce store, or…
Unsolved Challenge: Why API Access Control Vulnerabilities Remain a Major Security Risk
Despite advancements in API security, access control vulnerabilities, such as broken object-level authentication (BOLA) and broken function-level authentication (BFLA), remain…
The Signal Chat Leak and the NSA
US National Security Advisor Mike Waltz, who started the now-infamous group chat coordinating a US attack against the Yemen-based Houthis…
Eliminating Healthcare’s Cloud Security Gaps with Saner Cloud
Healthcare organizations rely on cloud environments to store and manage patient data, but security challenges and compliance requirements make protection…
Weekly Update 445
Presently sponsored by: Malwarebytes Browser Guard blocks phishing, ads, scams, and trackers for safer, faster browsing Well, this certainly isn’t…
Friday Squid Blogging: Squid Werewolf Hacking Group
In another rare squid/cybersecurity intersection, APT37 is also known as “Squid Werewolf.” As usual, you can also use this squid…
Hook, Line, and Sinker: Chrome Patches Zero-Day Used in Phishing Attacks
In mid-March 2025, a deluge of personalized phishing emails took Russia by storm. When analyzed, the underlying vulnerability had researchers…
AIs as Trusted Third Parties
This is a truly fascinating paper: “Trusted Machine Learning Models Unlock Private Inference for Problems Currently Infeasible with Cryptography.” The…
A Taxonomy of Adversarial Machine Learning Attacks and Mitigations
NIST just released a comprehensive taxonomy of adversarial machine learning attacks and countermeasures.