Hacks & Hackers

AppSec Is A Mess. Our Kids Are Paying The Price.

Data stolen? Get used to it, kid. That’s the reality for young people coming of age today in the app sec shanty town that is the 21st century U.S. economy. Like the actual favelas and shanty towns that have sprung up in developing nations over the last century, our application ecosystem is sprawling, unregulated, ad hoc and prone to shocking breakdowns and failures. Our kids are paying the price.

Episode 253: DevSecOps Worst Practices With Tanya Janca of We Hack Purple

Tanya Janca of the group We Hack Purple talks with Security Ledger host Paul Roberts about the biggest security mistakes that DevSecOps teams make, and application development’s “tragedy of the commons,” as more and more development teams lean on open source code.

Is a DEF CON Village the right way to assess AI risk?

The AI industry is pointing to the AI Village at DEF CON as a venue for assessing cybersecurity risk. But is a “village” the best way to test AI risk? Experts have their doubts.

Beware: Images, Video Shared on Signal Hang Around

A researcher is warning that photos and video files shared in Signal chats may be hanging around on devices, even after the messages in which the images were shared have been deleted.

T-Mobile: Leaky API Exposes Data on 37 Million

U.S. telecommunications giant T-Mobile disclosed on Thursday that hackers obtained data on 37 million customers through a vulnerable API (application program interface). The disclosure was included in an 8-K filing with the U.S. Securities and Exchange Commission.