We tear down some infosec conventional wisdom—there’s a lot of bad advice out there.
Securing your digital life, part two: The bigger picture—and special circumstances
We did the basics—now let’s look at some more detailed steps to protect yourself.
Starting your journey to zero trust adoption
“Zero trust” is certainly a buzzword that gets freely thrown around in cybersecurity. But what does it actually mean?
Apple forgot to sanitize the Phone Number field for lost AirTags
Another bug-bounty boondoggle leads to public disclosure before the bug is fixed.
Three iOS 0-days revealed by researcher frustrated with Apple’s bug bounty
Public disclosure comes in wake of other grumblings about Apple’s bug bounty behavior.
Security audit raises severe warnings on Chinese smartphone models
The audit red-flagged Xiaomi and Huawei phones but gave OnePlus a pass.
#epikfail
On Sept 13, 2021, hackers self-identifying as “Anonymous” breached domain registrar and web services provider Epik, which provides domain name, hosting, and DNS services for a variety of clients including the Texas GOP, Gab, Parler, and 8chan, among ot…
Nation-state espionage group breaches Alaska Department of Health
Fallout continues from an advanced persistent threat first detected in May 2021.
Infosec researchers say Apple’s bug-bounty program needs work
Apple allegedly pays less for bugs than its competitors do—and pays more slowly.
“Worst cloud vulnerability you can imagine” discovered in Microsoft Azure
30% of Cosmos DB customers were notified—more are likely impacted.