Cloud hosting

Five Essential Reads to Understand the Meltdown and Spectre Processor Flaws

There has been plenty of (digital) ink spilled in recent days about widespread processor flaws known as “Meltdown” and “Spectre.” We round up five articles that will help you understand these security vulnerabilities, how they were discovered and their likely impact. 

Top Secret

Podcast: Uber Breach Puts Focus on Securing DevOps Secrets

The hack of Uber and the loss of information on 57 million customers is just the latest security incident stemming from what our guest Elizabeth Lawler calls “DevOps secrets” – valuable credentials, APIs and other sensitive information that often end up exposed to the public as a result of lax continuous development operations. In this Spotlight Edition* of The Security Ledger Podcast, sponsored by CyberArk, we talk with Elizabeth about how to contain DevOps secrets and secure the secret super user lurking in modern organizations: highly privileged application code. 

IoT’s Cloud Risk on Display with Flaws in Fuze Collaboration Platform

In-brief: Rapid7 said it found a number of flaws that leaked data on users of collaboration technology by Fuze. In an increasingly common finding: poorly secured cloud resources, not the handsets, were the problem. 

Mush and Muscle: Mixed Reaction to Trump’s Executive Order on Cyber

In-brief: President Donald Trump made good on a long-held campaign promise Thursday, signing a tough-talking executive order to strengthen the cyber security of federal networks. But experts worry that the Order comes with too few specifics.

Paul Roberts and Chenxi Wang - RSA Conference

Interview: Chenxi Wang on Information Security’s Mr. Robot Problem and Enforcing IoT Standards

In-brief: In an interview with Security Ledger Editor in Chief Paul Roberts, Chenxi Wang of the firm Twist Lock talks about information security’s “Mr. Robot” problem and the need for standards for the Internet of Things.