From NSA Exploit to Widespread Ransomware: WannaCry Is on the Loose
The new EternalBlue NSA exploit is powering a wave of virulent ransomware sweeping across Europe. - Read more
The Hunt for IoT: The Networks Building Death Star-Sized Botnets
With a growth rate of 1,473% in 2016, the hunt for vulnerable IoT devices rages on... - Read more
Achieving Multi-Dimensional Security through Information Modeling – Part 1
Information modeling blends lateral thinking and deductive logic. Applied to information security, it’s a powerful technique for designing a security architecture with multi-dimensional controls...
OVH Renews Platinum Sponsorship of Let’s Encrypt
We’re pleased to announce that OVH has renewed their support for Let’s Encrypt as a Platinum sponsor for the next three years. OVH’s strong...
Ramnit’s Twist: A Disappearing Configuration
The Ramnit banking Trojan continues to evolve, this time with the intent of making the malware harder to detect. - Read more
The Conflicting Obligations of a Security Leader
Faced with competing pressures, CISOs are ultimately the experts at assessing what’s truly at stake in their organizations. - Read more
Application Threat Intelligence: What Do CISOs Need?
I’ve mentioned before how important strong risk management is to a CISO. When it comes to risk, the applications our users depend on are...
Let’s Encrypt 2016 In Review
Our first full year as a live CA was an exciting one. I’m incredibly proud of what our team and community accomplished during 2016....
Launching Our Crowdfunding Campaign
Today we kicked off our first crowdfunding campaign with the goal of raising enough funds to cover about one month of our operations -...
Our First Grant: The Ford Foundation
We are proud to announce that The Ford Foundation has awarded us a grant to help our growing operations.
The Ford Foundation is a major...
Latest article
Mistic Backdoor Blends With Microsoft Endpoint Security Tooling to Evade Detection
A new and stealthy backdoor named Mistic has been quietly targeting corporate networks since April 2026, disguising itself using the names and appearance of...
Restrict AWS Management Console access to expected networks with sign-in resource-based policies and RCPs
Amazon Web Services (AWS) recently announced support for resource-based policies and resource control policies (RCPs) for AWS Sign-In. By using resource-based policies and RCPs,...
Healthcare Vendor Xsolis Reports Breach Affecting 1.4M People
Xsolis confirmed a healthcare data breach affecting nearly 1.4 million people after a phishing attack exposed health and identity data.
The post Healthcare Vendor Xsolis...
Scattered Spider duo convicted over $38M Transport for London attack
Two members of the Scattered Spider cybercrime collective have admitted launching a cyberattack against Transport for London (TfL) that caused...
