Zeljka Zorz
The modern CSO: Future-proofing your organization in a disruptive world
“There are three essential skill sets a modern day CSO must have. The first is knowledge of the business to better align a security strategy to company objectives …
How to improve software vulnerability disclosure in Europe
As software gets embedded in more and more things we use every day, the problem of software vulnerability reporting and patching rises in importance. Unfortunately, only a few …
The IEEE is against mandated encryption backdoors
The Institute of Electrical and Electronics Engineers (IEEE) has added its voice to the chorus of security experts, privacy advocates, lawmakers and other prominent …
How Facebook and Google nudge users to make anti-privacy choices
Facebook, Google and Microsoft use design techniques and tricks to steer users toward sharing more information about themselves to benefit those businesses, the Norwegian …
Researchers release app that masks printers’ tracking dots
Did you know that nearly all modern color laser printers put tracking patterns of tiny yellow dots on each piece of paper they print? Most printer manufacturers include these …
Twitter adds support for login verification with USB security key
Twitter has some good news for users looking to improve the security of their account: the company has begun rolling out the “login verification with a security …
Know what’s happening on your network and make the most of your security tools
In an ideal world, all organizations would know at all times exactly what’s happening on their network: they would have deep enough pockets to buy the equipment and …
Cisco ASA and Firepower flaw exploited in the wild
A high-severity vulnerability affecting Cisco ASA and Firepower security appliances is being exploited in the wild after an exploit has been released online on Friday. …
Underground vendors can reliably obtain code signing certificates from CAs
More and more malware authors are switching to buying new, valid code signing certificates issued by Certificate Authorities instead of using stolen (compromised) ones, …
Microsoft offers new Azure AD tool to nix easily guessed passwords
Predictable, easy-to-guess passwords are often the weak link that ends up breaking the security chain and attackers know this. “They know to account for character …
HMRC collected voiceprints of 5.1 million UK taxpayers
Her Majesty’s Revenue and Customs (HMRC) has collected voiceprints of some 5.1 million UK taxpayers without their explicit consent, and won’t reveal whether these …
Losses due to BEC scams are escalating
Despite falling down on the list of most often reported Internet-facilitated crimes, Business Email Compromise/Email Account Compromise is still the type of crime that results …
Featured news
Resources
Don't miss
- GitHub CISO on security strategy and collaborating with the open-source community
- Chainsaw: Open-source tool for hunting through Windows forensic artefacts
- Time for a change: Elevating developers’ security skills
- Job-seeking devs targeted with fake CrowdStrike offer via email
- January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance