-
How to Protect Your Streaming Accounts: Lessons from Roku’s Credential Stuffing Attack
In recent news, Roku, a leading streaming platform, reported that over 591,000 user accounts were affected by credential stuffing attacks. This incident underscores the critical importance of safeguarding your online accounts against cyber threats. Here’s what you need to know to protect yourself and your streaming accounts. As a proactive security measure, Roku has reset…
-
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I’m speaking twice at RSA Conference 2024 in San Francisco. I’ll be on a panel on software liability on May 6, 2024 at 8:30 AM, and I’m giving a keynote on AI and democracy on May 7, 2024 at 2:25 PM.…
-
Friday Squid Blogging: The Awfulness of Squid Fishing Boats
It’s a pretty awful story. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.
-
CISA Urges Immediate Credential Reset After Sisense Breach
The breach affecting business analytics provider Sisense could lead to a wide-scale supply chain attack
-
The Rising Threat of Social Media Harassment. Here’s How to Protect Yourself.
Some conversations on social media can get … heated. Some can cross the line into harassment. Or worse. Harassment on social media has seen an unfortunate rise in recent years. Despite platforms putting in reporting mechanisms, policies, and even using AI to detect and remove harmful speech, people are seeing more and more harassment on…
-
Palo Alto Networks Warns About Critical Zero-Day in PAN-OS
A fix for CVE-2024-3400 is scheduled on April 4, Palo Alto Networks announced
-
Smuggling Gold by Disguising it as Machine Parts
Someone got caught trying to smuggle 322 pounds of gold (that’s about 1/4 of a cubic foot) out of Hong Kong. It was disguised as machine parts: On March 27, customs officials x-rayed two air compressors and discovered that they contained gold that had been “concealed in the integral parts” of the compressors. Those gold…
-
Why CISA is Warning CISOs About a Breach at Sisense
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense, whose products are designed to allow companies to view the status of multiple third-party online services in a single dashboard. CISA urged all Sisense customers to reset any credentials and secrets that may have been…
-
A Finance Journalist Fell Victim to a $50K Vishing Scam – Are You Also at Risk?
In a world where digital communication dominates, the art of scamming has evolved into a sophisticated game of deception. A recent story in The Cut featured a seasoned personal finance journalist falling prey to an Amazon scam call and being duped out of a staggering $50,000. The story serves as a stark reminder that anyone,…
-
Apple Boosts Spyware Alerts For Mercenary Attacks
The revision points out companies like NSO Group, known for surveillance tools like Pegasus