A Review of the Best News of the Week on Cloud Security, DevOps, AppSec GitHub Starts Scanning for Exposed Package Registry Credentials (SecurityWeek, Jun 10 2021) GitHub this week announced that it has started scanning code hosted on its platform for package registry credentials, including RubyGems and PyPI secrets. Cloud
A Review of the Best News of the Week on AI, IoT, & Mobile Security Detecting Deepfake Picture Editing (Schneier on Security, Jun 10 2021) “‘Markpainting’ is a clever technique to watermark photos in such a way that makes it easier to detect ML-based manipulation: An image owner can modify
A Review of the Best News of the Week on Cyber Threats & Defense How Hackers Used Slack to Break into EA Games (VICE, Jun 14 2021) A representative for the hackers explained to Motherboard how the group stole a wealth of data from the game publishing giant. “Once inside
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. This is not a drill: VMware vuln with 9.8 severity rating is under attack (Ars Technica, Jun 04 2021) Code execution flaw in vCenter is exploited to install web shell on unpatched machines. 2. How to Protect
A Review of the Best News of the Week on Cybersecurity Management & Strategy Supreme Court narrows interpretation of CFAA, to the relief of ethical hackers (SC Media, Jun 03 2021) Individuals do not exceed authorized computer access if they obtain data to which they are entitled for improper reasons,
A Review of the Best News of the Week on Identity Management & Web Fraud $1 billion piracy ruling could force ISPs to disconnect users (Ars Technica, Jun 07 2021) Increased account terminations would punish “innocent” users, groups tell court. NYPD’s Sprawling Facial Recognition System Now Has More Than 15,000
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec How an Obscure Company Took Down Big Chunks of the Internet (Wired, Jun 08 2021) You may not have heard of Fastly, but you felt its impact when sites didn’t load around the world Tuesday morning.
A Review of the Best News of the Week on AI, IoT, & Mobile Security Trojan Shield: How the FBI Secretly Ran a Phone Network for Criminals (VICE, Jun 07 2021) New court records detail how the FBI turned encrypted phone company ‘Anom’ into a honeypot for organized crime. Hacker’s
A Review of the Best News of the Week on Cyber Threats & Defense This is not a drill: VMware vuln with 9.8 severity rating is under attack (Ars Technica, Jun 04 2021) Code execution flaw in vCenter is exploited to install web shell on unpatched machines. How to Protect