A Review of the Best News of the Week on Cloud Security, DevOps, AppSec MacOS Zero-Day Let Attackers Bypass Privacy Preferences (Dark Reading, May 25 2021) Apple has released security patches for vulnerabilities in macOS and tvOS that reports indicate have been exploited in the wild. Label standard and best
A Review of the Best News of the Week on AI, IoT, & Mobile Security Hacker’s guide to deep-learning side-channel attacks: the theory (Elie Bursztein, May 21 2021) Learn the concepts behind deep-learning side-channels attack, a powerful cryptanalysis technique, by using it to recover AES cryptographic keys from a hardware
A Review of the Best News of the Week on Cyber Threats & Defense #RSAC: The Most Dangerous New Attack Techniques (Infosecurity Magazine, May 20 2021) Annual panel at the RSA Conference identifies a number of areas of concern, including improper session handling and an evolution of ransomware Vulnerabilities in
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. Try This One Weird Trick Russian Hackers Hate (Krebs on Security, May 17 2021) “In a Twitter discussion last week on ransomware attacks, KrebsOnSecurity noted that virtually all ransomware strains have a built-in failsafe designed to cover
A Review of the Best News of the Week on Cybersecurity Management & Strategy Apple Censorship and Surveillance in China (Schneier on Security, May 19 2021) Good investigative reporting on how Apple is participating in and assisting with Chinese censorship and surveillance. DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash
A Review of the Best News of the Week on Identity Management & Web Fraud Apple rejected 215k iOS apps due to privacy last year (Graham Cluley, May 18 2021) Apple is talking up the efforts it makes to police the iOS App Store, revealing that during 2020 it rejected
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Cloud CISO Perspectives: May 2021 (Google Cloud Blog, May 13 2021) “Today, I’ll recap our cloud security and industry highlights, a sneak peak of what’s ahead from Google at RSA and more.” University of Minnesota researchers
A Review of the Best News of the Week on AI, IoT, & Mobile Security #RSAC: Bruce Schneier Warns of the Coming AI Hackers (Infosecurity Magazine, May 17 2021) AI hacking has the potential to reshape the cybersecurity landscape for good or for evil, Schneier warns in a grim RSA
A Review of the Best News of the Week on Cyber Threats & Defense Try This One Weird Trick Russian Hackers Hate (Krebs on Security, May 17 2021) “In a Twitter discussion last week on ransomware attacks, KrebsOnSecurity noted that virtually all ransomware strains have a built-in failsafe designed to