Website, Know Thyself: What Code Are You Serving?
Code-injection via third- and fourth-party scripts — as seen with Magecart — is a growing security problem for websites. Continue reading Website, Know Thyself: What Code Are You Serving?
Collaborate Disseminate
Code-injection via third- and fourth-party scripts — as seen with Magecart — is a growing security problem for websites. Continue reading Website, Know Thyself: What Code Are You Serving?
It’s been around forever, but in a modern digital era marked by influence campaigns and deep fakes, information warfare has become much easier to carry out. Continue reading Fake News and Influence: Information Warfare in the Digital Age
A good appreciation and respect for good real-world architecture goes a long way when it comes to architecting resilient systems. Continue reading Finding Beauty In The Architecture
All too often, information-sharing is limited to vertical market silos; to build better defenses, it’s time to take a broader view beyond the ISAC. Continue reading Sharing Threat Intelligence: Time for an Overhaul
Why many attack techniques can be reused – but organizations can’t defend against them. Continue reading Rogue Waves: Preparing the Internet for the Next Mega DDoS Attack
Why are hackers using the DNS infrastructure against us? The answer is more complex than you might think. Continue reading Three Ways DNS is Weaponized and How to Mitigate the Risk
A look at API attack trends such as the current (and failing) architectural designs for addressing security of these API transactions. Continue reading Fighting Fire with Fire: API Automation Risks
True auto safety can only be achieved by knowing what every piece of code and hardware is that goes into the car. Continue reading Automotive Security: It’s More Than Just What’s Under The Hood
Examples of how attackers carry out mass exploitation campaigns and how to defend against them. Continue reading The Nature of Mass Exploitation Campaigns