There has been plenty of (digital) ink spilled in recent days about widespread processor flaws known as “Meltdown” and “Spectre.” We round up five articles that will help you understand these security vulnerabilities, how they were discovered and their likely impact.
The hack of Uber and the loss of information on 57 million customers is just the latest security incident stemming from what our guest Elizabeth Lawler calls “DevOps secrets” – valuable credentials, APIs and other sensitive information that often end up exposed to the public as a result of lax continuous development operations. In this Spotlight Edition* of The Security Ledger Podcast, sponsored by CyberArk, we talk with Elizabeth about how to contain DevOps secrets and secure the secret super user lurking in modern organizations: highly privileged application code.
In-brief: Rapid7 said it found a number of flaws that leaked data on users of collaboration technology by Fuze. In an increasingly common finding: poorly secured cloud resources, not the handsets, were the problem.
In-brief: President Donald Trump made good on a long-held campaign promise Thursday, signing a tough-talking executive order to strengthen the cyber security of federal networks. But experts worry that the Order comes with too few specifics.
In-brief: In an interview with Security Ledger Editor in Chief Paul Roberts, Chenxi Wang of the firm Twist Lock talks about information security’s “Mr. Robot” problem and the need for standards for the Internet of Things.