Bill Sempf
The Capital One breach leads the news this week, for a dozen good reasons.
https://start.jcolemorrison.com/the-technical-side-of-the-capital-one-aws-security-breach/
Reeeeeely good writup on Crypto attacks from Checkpoint. More than just reading the unreadable, ya know.
https://research.checkpoint.com/cryptographic-attacks-a-guide-for-the-perplexed/
The Node Package Manager is in the news again, thanks to a huge kerfuffle related to someone injecting malware into a much-used package. Think before you import, people.
https://harry.garrood.me/blog/malicious-code-in-purescript-npm-installer/
https://medium.com/commitlog/the-internet-is-at-the-mercy-of-a-handful-of-people-73fac4bc5068
Credential stuffing attacks are outpacing phishing, sayth Akamai.
https://www.theregister.co.uk/2019/07/31/black_hats_hate_banks_says_akamai/
And we are still talking about weakening encryption, of course:
https://www.forbes.com/sites/kalevleetaru/2019/07/26/the-encryption-debate-is-over-dead-at-the-hands-of-facebook/#37320cb05362
That's the news, people. Stay safe.
Tags:
Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.