-
Open letter demands OWASP overhaul, warns of mass project exodus
PRIVACY PRIVACY For more than two decades, the Open Worldwide Application Security Project (OWASP) has provided free and open resources for improving the security of software. Led by the non-profit OWASP Foundation, OWASP has brought together community-led open-source software projects, hundreds of local chapters worldwide, tens of thousands of members, and educational and training conferences…
-
New National Cybersecurity Strategy
PRIVACY PRIVACY Last week the Biden Administration released a new National Cybersecurity Strategy (summary >here. There is lots of good commentary out there. It’s basically a smart strategy, but the hard parts are always the implementation details. It’s one thing to say that we need to secure our cloud infrastructure, and another to detail what…
-
Study reveals companies are wasting millions on unused Kubernetes resources
PRIVACY PRIVACY Graham Cluley Security News is sponsored this week by the folks at Sysdig. Thanks to the great team there for their support! This move to the cloud has made it easier to scale up applications when they need to grow. However, there is a corollary to this: Budgeting! Chances are, you’re probably overspending.…
-
What is firewall optimization?
PRIVACY PRIVACY Firewall optimization (also known as firewall analysis) is the process of analyzing and adjusting the configuration and policy set of a firewall to improve performance and security. This process involves reviewing and corelating log data and device configurations, identifying potential vulnerabilities and weaknesses, and providing recommendations for remediation. Performing these processes is complex,…
-
City of Oakland Faces Major Data Leak
PRIVACY PRIVACY Information was stolen during recent ransomware attack Read More
-
UK Government Plans Skills Boost for Public Sector Fraud Fight
PRIVACY PRIVACY Focus will be on enhancing prevention and identification skills Read More
-
Tracking device technology: A double-edged sword for CISOs
PRIVACY PRIVACY The transportation industry has doubled down in the area of fleet tracking in recent years, which has come with great benefits and not a few security headaches. On the consumer side, we’ve spoken of Apple’s AirTag and how it has been used to find personal items of import — and also its potential…
-
FTC Proposes $7.8m Fine for BetterHelp
PRIVACY PRIVACY Online counseling service shared health data Read More
-
Friday Squid Blogging: We’re Almost at Flying Squid Drones
PRIVACY PRIVACY Researchers are prototyping multi-segment shapeshifter drones, which are “the precursors to flying squid-bots.” As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Read More
-
TPM 2.0 Library Vulnerabilities May Affect Billions of IoT Devices
PRIVACY PRIVACY The disclosed flaws occurred when handling malicious TPM 2.0 commands with encrypted parameters Read More