Recent Posts
A security use case for ChatGPT: Email Scam Robo Judge
I have been noodling around with ChatGPT recently and have found a nice little use case that I hope someone with more coding skills and…
Leaking company secrets via generative AIs like ChatGPT
For a third party, knowing what people from company X are asking of ChatGPT (or any other generative AI) could be quite interesting and profitable…
Talking about ChatGPT with your colleagues
I wonder how many security teams have reached out to their colleagues about the use of ChatGPT and other hot new generative AI tools. Here’s…
Vulnerability management – we’re doing it wrong
Security professionals (and the people who measure our performance like auditors and regulators) have traditionally taken a stance that “all serious vulnerabilities should be patched”…
IRA Financial versus Gemini – security questions to ponder from a crypto IRA hack
The cryptocurrency world has been the scene of some *wild* stuff lately… and a recent lawsuit filed by IRA Financial Trust against Winkelvossian crypto exchange…
UBS takes a step towards a passwordless future
It looks like the end of the password may be coming a bit more quickly than I had expected… I received an email from UBS…
Cloud computing concentration and systemic risk
I came across an interesting blog post over at Finextra which got me thinking about a topic that has been in the back of my…
Make your near misses count
Security near misses are opportunities for learning and improvement, but when they are ignored, they can play a role in setting the stage for serious incidents. Use them wisely!
Hunting for secrets on GitHub
We need to work with system designers and developers to make them understand that using a secure credential vault with programmatic access is not an optional luxury – it is a basic security requirement. Credentials do not belong in code, even if that code is stored in a safe inside a vault inside a volcano.
Another killer woodpecker
Way back in 1977, a computer scientist from the University of Nebraska coined “Weinberg’s law:” If builders built buildings the way programmers wrote programs, then…