This week’s news roundup newsletter ... SolarWinds Again, NationalPublicData.com, DNS Namespace Collisions, Georgia Tech Sued for NIST 800-171 Non-Compliance, Telegram Arrest for Unmoderated Content, New PCI Client-Side Security Requirements
This Week: NationalPublicData.com SSN exposures, T-Mobile $60m fine, Enzo Biochem fined, Disney Ts&Cs, exposed credentials, NIST encryption update planning
This Week: Black Hat, Microsoft, Cow Milking Robot Attack, Entrust, Outlook, CloudStrike, Cisco
Software Development Security Epic Fails: Meta AI, Cloudflare, CrowdStrike, VMWare, Cencora, National Public Data, HealthEquity, DigiCert, UK Electoral Commission, Japan National IDs
Software Development Security What’s Weak This Week: CloudStrike, Google, Secure Boot vulnerability exposing hundreds of devices, North Korea KnowBe4 attack
Software Development Security Epic Fails: Largest IT Outage in History - Cloudstrike, Microsoft, MediSecure, Rite Aid, Squarespace, Cisco
Software Development Security What's Week This Week: AT&T, Car Dealership Network, Signal, Python, undetected attacks, data breaches, secrets in code, expired certificates ...
Software Development Security Epic Fails: Indonesia, Twilo Authy, CocoaPods, Ghostscript, OpenSSH, Etherium, Prudential, ...
Software Development Security Epic Fails: Polyfill.io, Ticketmaster, GitLab, MOVEit, Wordpress Plug-ins, Entrust CA, TeamViewer, Indonesia, Rabbit R1 AI, Nuance Communications, Microsoft certificates
Epic Fails: Unsecured APIs, Databases, Secrets in Jira
Epic Fails: IDE plug-ins, insecure code repos, stolen credentials, ignored vulnerabilities, inadequate QA/security, ...
Software Development What's Weak This Week: Ticket Masters, FBI, 600k SOHO routers, Google AI, OpenAI, UnitedHealth, Sav-Rx, Christie's, VBS, ...
