New Zenbleed Vulnerability: What It Is, How to Fix It

Zenbleed (CVE-2023-20593) was announced today. This is a vulnerability affecting AMD processors based on the Zen2 microarchitecture (certain EPYC CPUs used in datacenter servers and Ryzen/Threadripper CPUs used in desktop/laptop computers). The ...
Cyber Leaders of the World: Michael Anderson, CISO at the Dallas Independent School District

Please tell us about yourself, your background, and your journey of becoming a CISO for the Dallas Independent School District. I began my journey as a service member in the Army, serving ...
Digging Into An Interesting New CVE

CVE-2023-38408, discovered by the Qualys Threat Research Unit (TRU), describes an RCE (remote code execution) vulnerability made possible by an unwanted interaction between OpenSSH’s ssh-agent executable, the dlopen() and dlclose() functions used ...

AI and Microdirectives

Imagine a future in which AIs automatically interpret—and enforce—laws. All day and every day, you constantly receive highly personalized instructions for how to comply with the law, sent directly by your government ...

Commentary on the Implementation Plan for the 2023 US National Cybersecurity Strategy

The Atlantic Council released a detailed commentary on the White House’s new “Implementation Plan for the 2023 US National Cybersecurity Strategy.” Lots of interesting bits. So far, at least three trends emerge: ...

Open Source Security Incidents and How Organizations Can Respond

Attacks that leverage vulnerabilities in open source software are on the rise. How security teams respond to these incidents is key to what impact they will ultimately have. Oftentimes the attacks stemming ...
MY TAKE: As network perimeters shift and ecosystems blend, the role of MSSPs solidifies

Deepening interoperability of AI-infused systems – in our buildings, transportation grids, communications systems and medical equipment — portends amazing breakthroughs for humankind. Related: The coming of optical infrastructure But first businesses must ...

Trail of Bits’s Response to OSTP National Priorities for AI RFI

By Michael Brown and Heidy Khlaaf The Office of Science and Technology Policy (OSTP) has circulated a request for information (RFI) on how best to develop policies that support the responsible development ...
News Alert: HostingAdvice poll finds one in three Americans hacked upon visiting sketchy websites

Gainesville, Fla., July 18, 2022 – Around 30,000 websites get hacked every day, with the majority of those cyberattacks due to human error. This has projected costs associated with cybercrimes to hit the tens of trillions by ...
Mobile Application Vulnerabilities

Crucial Role of Mobile Application Testing

82% of Android devices and 38% of iOS devices have security vulnerabilities. Furthermore, business apps have a threefold higher chance of leaking sensitive login credentials than average apps. These findings highlight the ...