Category: systemic risk

WordPress wants sites to eat their (patching) vegetables

Apparently. over a third of the web sites on the Internet (including this one) run the WordPress content management software package. Natch, this makes WordPress…

Continue Reading

So your third party has been breached…

Another day, another third party security compromise story… this time it is Indian outsourcing giant Wipro. The firm has confirmed that a small number of…

Continue Reading

als, bls, cissp

Those of you who have the misfortune to know me personally know that information security is but one piece of the pie that is Al…

Continue Reading

insecure systems? no insurance for you!

It seems that car thieves have been targeting the keyless entry systems of high end vehicles, taking advantage of insecure security in their on board…

Continue Reading

OpenAuth/OpenID flaw – ok, now what?

It seems like the latest big security story is a newly discovered flaw in the OAuth and OpenID protocols which allow users to authenticate to third…

Continue Reading

how not to do a risk assessment

So, the risk management mavens for the City of Portland, Oregon have provided us all with an object lesson in how not to make risk…

Continue Reading

remember bird flu?

A couple of years back, before the H1N1 swine flu was all the rage, all of us disaster obsessed types were focused on H5N1 bird…

Continue Reading

testing, 1, 2, 3, oopsie!

Last week, an experiment conducted by Duke University and the European RIPE Network Control Center got a little bit out of hand, interrupting Internet traffic…

Continue Reading

the great helium shortage of 2035?

It turns out that helium is important for more than party balloons and making our voices high and squeaky… and that we may run out…

Continue Reading

under the sea…

A while back, I did a post about the global undersea communications network which forms the underpinning of the global Internet.  Here’s a great way…

Continue Reading