COMMENTARY Second of two parts. (Read Part 1: "Stress-Testing Our Security Assumptions in a World of New & Novel Risks.") Achieving security in a future of "unseen until it's too late" threats forces us to look beyond the endless cycles of discover and patch, identify and neutralize, and sense and respond, to build resilience by […]
Read More →
Europol has announced the arrest of 54 people in connection with a voice phishing (vishing) scam, in combination with social engineering tactics and physical threats to target elderly Spanish citizens. The criminals posed as bank employees, first calling their targets and extracting personal information. Their criminal partners then physically targeted the victims at their homes, […]
Read More →
In April 2016, President Barack Obama appointed Uber chief security officer (CSO) Joe Sullivan to the so-called Commission on Enhancing National Cybersecurity. Four years later, Sullivan was researching prisons, and how to stay safe and sane while on the inside. He was a strangely cast felon, having spent the first eight years of his career […]
Read More →
Researchers at the University of California San Diego (UCSD) have found a new way to execute Spectre-like side channel attacks against high-end Intel CPUs, including the recent Raptor Lake and Alder Lake microprocessors. Like Spectre, the new technique, which the researchers have dubbed "Indirector," exploits a speculative execution feature in the Intel CPUs to redirect […]
Read More →
COMMENTARY The mad dash to the cloud a few years back left many organizations scrambling to understand the true implications of this technological shift. Fueled by promises of scalability and cost savings, many companies jumped on board without fully comprehending key details. For example, many were asking how secure their data was in the cloud, […]
Read More →