Collaborate Disseminate
Software security has been ‘shifting left’ in recent years. Thanks to movements like Agile and Dev(Sec)Ops, software developers are finding that they have to take more responsibility for the security of their code. By moving performance and… Continue reading DevSecOps and the shift left in security: how Semmle is supporting software developers [Podcast]
Social engineering is a tactic where the attacker influences the victim to obtain valuable information. Office employees are targeted to reveal confidential data about a corporation while non-specialists can come under the radar to disclose their credi… Continue reading 6 Tips to Prevent Social Engineering
Recently, British Airways was slapped with a $230M fine after attackers stole data from hundreds of thousands of its customers in a massive breach. The fine, the result of a GDPR prosecution, was issued after a 2018 Magecart attack. Attackers were able… Continue reading What is a Magecart attack, and how can you protect your business?
Google’s long experience and success in, protecting itself against cyberattacks plays to our advantage as customers of the Google Cloud Platform (GCP). From years of warding off security threats, Google is well aware of the security implications … Continue reading Understanding security features in the Google Cloud Platform (GCP)
The decision to which information security measures should be used across the company’s IT infrastructure and which ones should be left out may be a tough one for midsized companies. The financial resources of a midsized company cannot allow appl… Continue reading A cybersecurity primer for mid sized businesses
Dark patterns are often used online to deceive users into taking actions they would otherwise not take under effective, informed consent. Dark patterns are generally used by shopping websites, social media platforms, mobile apps and services as a part … Continue reading Experts discuss Dark Patterns and deceptive UI designs: What are they? What do they do? How do we stop them?
In large part, the security of an ecommerce company is the responsibility of its technical support team and ecommerce software vendors. In reality, cybercriminals often exploit the security illiteracy of the staff to hit a company. Of all the ecommerce… Continue reading 3 cybersecurity lessons for e-commerce website administrators
Industrial organizations are prime targets for spies, criminals, hacktivists and even enemy countries. Spies from rival organizations seek ways to access industrial control systems (ICS) so they can steal intelligence and technology and gain a competit… Continue reading Defensive Strategies Industrial Organizations Can Use Against Cyber Attacks
Last Saturday, Google presented a paper in the Munich Security Conference titled How Google Fights Disinformation. In the paper, they explain what steps they’re taking against disinformation and detail their strategy for their platforms Google Se… Continue reading Google released a paper showing how it’s fighting disinformation on its platforms
At FOSDEM 2019, Belgium, Maximilian Blochberger talked about preventing cryptographic pitfalls by avoiding mistakes while integrating cryptographic mechanisms correctly. Blochberger is a research associate at the University of Hamburg. FOSDEM is a free… Continue reading FOSDEM 2019: Designing better cryptographic mechanisms to avoid pitfalls – Talk by Maximilian Blochberger