Author Archives: Tony Lauro

Website, Know Thyself: What Code Are You Serving?

Posted on November 14, 2019 by Tony Lauro

Code-injection via third- and fourth-party scripts — as seen with Magecart — is a growing security problem for websites. Continue reading Website, Know Thyself: What Code Are You Serving?→

Fake News and Influence: Information Warfare in the Digital Age

Posted on August 16, 2019 by Tony Lauro

It’s been around forever, but in a modern digital era marked by influence campaigns and deep fakes, information warfare has become much easier to carry out. Continue reading Fake News and Influence: Information Warfare in the Digital Age→

Finding Beauty In The Architecture

Posted on July 1, 2019 by Tony Lauro

A good appreciation and respect for good real-world architecture goes a long way when it comes to architecting resilient systems. Continue reading Finding Beauty In The Architecture→

Sharing Threat Intelligence: Time for an Overhaul

Posted on May 20, 2019 by Tony Lauro

All too often, information-sharing is limited to vertical market silos; to build better defenses, it’s time to take a broader view beyond the ISAC. Continue reading Sharing Threat Intelligence: Time for an Overhaul→

Rogue Waves: Preparing the Internet for the Next Mega DDoS Attack

Posted on April 15, 2019 by Tony Lauro

Why many attack techniques can be reused – but organizations can’t defend against them. Continue reading Rogue Waves: Preparing the Internet for the Next Mega DDoS Attack→

Three Ways DNS is Weaponized and How to Mitigate the Risk

Posted on March 13, 2019 by Tony Lauro

Why are hackers using the DNS infrastructure against us? The answer is more complex than you might think. Continue reading Three Ways DNS is Weaponized and How to Mitigate the Risk→

Fighting Fire with Fire: API Automation Risks

Posted on January 24, 2019 by Tony Lauro

A look at API attack trends such as the current (and failing) architectural designs for addressing security of these API transactions. Continue reading Fighting Fire with Fire: API Automation Risks→

Automotive Security: It’s More Than Just What’s Under The Hood

Posted on December 17, 2018 by Tony Lauro

True auto safety can only be achieved by knowing what every piece of code and hardware is that goes into the car. Continue reading Automotive Security: It’s More Than Just What’s Under The Hood→

The Nature of Mass Exploitation Campaigns

Posted on November 28, 2018 by Tony Lauro

Examples of how attackers carry out mass exploitation campaigns and how to defend against them. Continue reading The Nature of Mass Exploitation Campaigns→