The Hunt for IoT: The Rise of Thingbots
With “thingbots” now launching Death Star-sized DDoS attacks, hosting banking trojans, and causing physical destruction, all signs point to them becoming the attacker infrastructure...
RSA in a “Pre-Post-Quantum” Computing World
Quantum computing is coming. What should your strategy be today to deal with what’s on the horizon? - Read more
Wildcard Certificates Coming January 2018
Update, March 13, 2018
Wildcard certificate support is live.
Let’s Encrypt will begin issuing wildcard certificates in January of 2018. Wildcard certificates are a commonly requested...
Milestone: 100 Million Certificates Issued
Let’s Encrypt has reached a milestone: we’ve now issued more than 100,000,000 certificates. This number reflects at least a few things:
First, it illustrates the...
ACME v2 API Endpoint Coming January 2018
Update, April 27, 2018
ACME v2 and wildcard support are fully available since March 13, 2018.
Update, January 4, 2018
We introduced a public test API endpoint...
From NSA Exploit to Widespread Ransomware: WannaCry Is on the Loose
The new EternalBlue NSA exploit is powering a wave of virulent ransomware sweeping across Europe. - Read more
The Hunt for IoT: The Networks Building Death Star-Sized Botnets
With a growth rate of 1,473% in 2016, the hunt for vulnerable IoT devices rages on... - Read more
Achieving Multi-Dimensional Security through Information Modeling – Part 1
Information modeling blends lateral thinking and deductive logic. Applied to information security, it’s a powerful technique for designing a security architecture with multi-dimensional controls...
The Conflicting Obligations of a Security Leader
Faced with competing pressures, CISOs are ultimately the experts at assessing what’s truly at stake in their organizations. - Read more
Application Threat Intelligence: What Do CISOs Need?
I’ve mentioned before how important strong risk management is to a CISO. When it comes to risk, the applications our users depend on are...
Latest article
Hackers Publish Malicious Python Package Mimicking Legitimate Parsimonious Parser
A deceptive Python package quietly made its way into the PyPI repository, putting thousands of developers at risk before it was caught and removed....
Microsoft identifies seven new ways AI agents can be hacked
Microsoft has identified seven new failure modes in agentic AI systems, in addition to those it identified last year in...
Building secure B2C applications with fine-grained access control using Amazon Cognito and Amazon Verified...
Modern web applications require robust security controls to protect user data and application resources. Authentication and authorization are two fundamental pillars of application security...
3 Principles to Safely Scale Agentic AI
- Read more
