In this podcast, sponsored by LastPass, former U.S. CISO Greg Touhill joins us to talk about news of a vast hack of U.S. government networks, which he calls a “five alarm fire” reportedly set by Russia.
If you work within the security industry, compliance is seen almost as a dirty word. You have likely run into situations like that which @Nemesis09 describes below. Here, we see it’s all too common for organizations to treat testing compliance as a checkbox exercise and to thereby view compliance in a way that goes against its entire purpose. There are challenges when it comes to compliance, for sure. Organizations need to figure out whether to shape their efforts to the letter of an existing law or to base their activities in the spirit of a “law” that best suits their security needs—even if that law doesn’t exists. There’s also the assumption that a company can acquire ‘good enough’ security by implementing a checkbox exercise, never mind the confusion explained by @Nemesis09. Podcast Episode 141: Massive Data Breaches Just Keep Happening. We Talk about Why. However, there is truth behind why […]
A serious security flaw in a commonly used npm security module, private-ip, may affect hundreds of thousands of private and public applications.
Chinese electronics giant TCL has acknowledged security holes in some models of its smart television sets, but denies that it maintains a secret “back door” that gives it control over deployed TVs.
Cyber attacks meant to disrupt the 2020 presidential election in the US were a foregone conclusion. But two weeks and more than 140 million votes later, predictions of cyber attacks on the U.S. presidential election have fallen flat. What happened?