The Ping is the Thing: Popular HTML5 Feature Used to Trick Chinese Mobile Users into Joining Latest DDoS Attack

DDoS attacks have always been a major threat to network infrastructure and web applications. Attackers are always creating new ways to exploit legitimate services for malicious purposes, forcing us to constantly research DDoS attacks in our CDN to buil… Continue reading The Ping is the Thing: Popular HTML5 Feature Used to Trick Chinese Mobile Users into Joining Latest DDoS Attack

Proposed Bill Would Strengthen California’s Data Breach Notification Law

A new bill would strengthen California’s data breach notification law by expanding the types of information of whose exposure businesses are legally obligated to inform their customers. On 21 February, California Attorney General Xavier Becerra a… Continue reading Proposed Bill Would Strengthen California’s Data Breach Notification Law

Code Review Lamp Subtly Reminds You To Help Your Fellow Developer

[Dimitris Platis] works in an environment with a peer review process for accepting code changes. Code reviews generally are a good thing. One downside though, is that a lack of responsiveness from other developers can result in a big hit to team’s development speed. It isn’t that other developers are unwilling to do the reviews, it’s more that individuals are often absorbed in their own work and notification emails are easily missed. There is also a bit of a “tragedy of the commons” vibe to the situation, where it’s easy to feel that someone else will surely attend to the …read more

Continue reading Code Review Lamp Subtly Reminds You To Help Your Fellow Developer

Popup Notification Dinosaur

There’s a lot going on our virtual spaces, and anyone with a smart phone can attest to this fact. There are pop-up notifications for everything you can imagine, and sometimes it’s possible for the one really important notification to get lost in a sea of minutiae. To really make sure you don’t miss that one important notification, you can offload that task to your own personal dinosaur.

The 3D-printed dinosaur has a rack-and-pinion gear set that allows it to extend upwards when commanded. It also has a set of LEDs for eyes that turn on when it pops up. The …read more

Continue reading Popup Notification Dinosaur

Government’s software vulnerability repository is slow to add new cyberthreats, report says

There is a median lag time of approximately seven days between when someone discovers an exploitable software vulnerability and its eventual release on the National Vulnerability Database, or NVD, according to research conducted by U.S. cybersecurity and dark web intelligence firm Recorded Future. The NVD, a public repository managed by the National Institute of Standards and Technology that contains data on known vulnerabilities, is one of the preeminent disclosure platforms for information about software flaws that can be exploited by hackers. Private companies and the government share access to it. Recorded Future cautioned companies and agencies against relying on it as the fastest way to learn about new risks to their network infrastructure, products, digital services and other business processes. “While it’s tempting to think of the National Vulnerability Database as the central source for vulnerability information, the reality is that there is a vast amount of content about vulnerabilities already published prior to […]

The post Government’s software vulnerability repository is slow to add new cyberthreats, report says appeared first on Cyberscoop.

Continue reading Government’s software vulnerability repository is slow to add new cyberthreats, report says

Cyber Security Snake Oil

Hello again readers and welcome back! Today’s blog post is going to cover an instance, which unfortunately occurs WAY to often in the cyber-security realm, especially on the topic of “threat intelligence” or “advanced analytics” or whatever other buzzw… Continue reading Cyber Security Snake Oil

Cyber Security Snake Oil

Hello again readers and welcome back! Today’s blog post is going to cover an instance, which unfortunately occurs WAY to often in the cyber-security realm, especially on the topic of “threat intelligence” or “advanced analytics” or whatever other buzzw… Continue reading Cyber Security Snake Oil