ROUNDTABLE: Targeting the supply-chain: SolarWinds, then Mimecast and now UScellular

It’s only February, and 2021 already is rapidly shaping up to be the year of supply-chain hacks.
Related: The quickening of cyber warfare
The latest twist: mobile network operator UScellular on Jan. 21 disclosed how cybercriminals broke into its Custom…

MY TAKE: How Russia is leveraging insecure mobile apps to radicalize disaffected males

How did we get to this level of disinformation? How did we, the citizens of the United States of America, become so intensely divided?
It’s tempting to place the lion’s share of the blame on feckless political leaders and facile …

MY TAKE: How ‘credential stuffing’ is being deployed to influence elections, steal Covid-19 relief

What do wildfires and credential stuffing have in common?
Related: Automated attacks leverage big data
For several years now, both have flared up and caused harm at the fringes of population centers and our digital economy. And, now, in 2020, …

MY TAKE: Lessons learned from the summer of script kiddies hacking Twitter, TikTok

Graham Ivan Clark, Onel de Guzman and Michael Calce. These three names will go down in the history of internet commerce, right alongside Jack Dorsey, Mark Zuckerberg and Jeff Bezos.
Related: How ‘Zero Trust’ is compatible with agile computing
We’re …

NEW TECH: A better way to secure agile software — integrate app scanning, pen testing into WAF

The amazing array of digital services we so blithely access on our smartphones wouldn’t exist without agile software development.
Related: ‘Business logic’ hacks on the rise
Consider that we began this century relying on the legacy “waterfall” software…

Q&A: Sophos poll shows how attackers are taking advantage of cloud migration to wreak havoc

Cloud migration, obviously, is here to stay.
Related: Threat actors add ‘human touch’ to hacks
To be sure, enterprises continue to rely heavily on their legacy, on-premises datacenters. But there’s no doubt that the exodus to a much g…

SHARED INTEL: Study shows mismanagement of ‘machine identities’ triggers $52 billion in losses

In one sense, digital transformation is all about machines.
Related: Authenticating IoT devices
Physical machines, like driverless vehicles and smart buildings; but, even more so, virtual machines. I’m referring to the snippets of “microser…

SHARED INTEL: How attacks on web, mobile apps are being fueled by rising API vulnerabilities

Application programming interface. API. It’s the glue holding digital transformation together.
Related: A primer on ‘credential stuffing’
APIs are the conduits for moving data to-and-fro in our digitally transformed world. APIs are li…

MY TAKE: Iran’s cyber retaliation for Soleimani assassination continues to ramp up

Less than 48 hours after the killing of Iran’s General Qasem Soleimani, the U.S. Department of Homeland Security issued a bulletin calling out Iran’s “robust cyber program,” and cautioning everyone to be prepared for Iran to …

MY TAKE: Why we should all now focus on restoring stability to US-Iran relations

As tensions escalate between the U.S. and Iran it’s vital not to lose sight of how we arrived at this point.
Related: We’re in the golden age of cyber spying
Mainstream news outlets are hyper focused on the events of the past six days. A De…