Naming and shaming
So here’s a bit of an odd story… according to the Financial Times, the US Federal Reserve has publicly sanctioned…
So your third party has been breached…
Another day, another third party security compromise story… this time it is Indian outsourcing giant Wipro. The firm has confirmed…
Grindr and US national security
Here’s an interesting development…the US federal agency which reviews foreign investments in US companies has ordered a Chinese firm to…
Bad biometrics: Samsung’s new S10 phone
When biometrics work properly, they can provide you with an easy to use security solution with a reasonable level of…
Time to end the cloud-o-phobia
Sorry, but I felt no need to purchase a monocle so I could have it pop out of my eye…
Security risks from domain typo squatters
One of the ways that hackers get users to click on malicious links or believe false emails is to use…
Comcast assigned every mobile customer the same unchangeable PIN to protect against SIM hijack attacks: 0000
If someone wants to steal your phone number — say, to intercept the two-factor authentication SMSes needed to break into…
The war we try to ignore
As information security professionals, our goal is to protect information against attacks on confidentiality, integrity and availability. Today, I want…
Even with security flaws, you should be using a password manager
Yesterday, the Washington Post ran an article about some important security research on password managers, describing a number of serious…
Things to worry about in 2019
In this post, I wanted to take a break from telling you what *I* think the things that should keep…