IoT lottery: finding a perfectly secure connected device
Black Friday and Cyber Monday are great for shopping. Vendors flood the market with all kinds of goods, including lots of exciting connected devices...
A CISO Landmine: No Security Awareness Training
CISOs who fail to prioritize security awareness training are putting their business and assets at serious risk. - Read more
Five Reasons CISOs Should Keep an Open Mind About Cryptocurrencies
Far from a dying breed, cryptocurrencies are not only evolving but being accepted in countless new markets. CISOs need to know the ins and...
Where Do Vulnerabilities Come From?
Vulnerabilities are an emergent property of modern software’s complexity, requested features, and the way data inputs are handled. - Read more
The Hunt for IoT: The Rise of Thingbots
With “thingbots” now launching Death Star-sized DDoS attacks, hosting banking trojans, and causing physical destruction, all signs point to them becoming the attacker infrastructure...
RSA in a “Pre-Post-Quantum” Computing World
Quantum computing is coming. What should your strategy be today to deal with what’s on the horizon? - Read more
From NSA Exploit to Widespread Ransomware: WannaCry Is on the Loose
The new EternalBlue NSA exploit is powering a wave of virulent ransomware sweeping across Europe. - Read more
The Hunt for IoT: The Networks Building Death Star-Sized Botnets
With a growth rate of 1,473% in 2016, the hunt for vulnerable IoT devices rages on... - Read more
Achieving Multi-Dimensional Security through Information Modeling – Part 1
Information modeling blends lateral thinking and deductive logic. Applied to information security, it’s a powerful technique for designing a security architecture with multi-dimensional controls...
The Conflicting Obligations of a Security Leader
Faced with competing pressures, CISOs are ultimately the experts at assessing what’s truly at stake in their organizations. - Read more
Latest article
Unpatched ChromaDB flaw leaves servers open to remote code execution
Researchers have published details about a critical vulnerability in ChromaDB that could allow unauthenticated attackers to execute arbitrary code and...
[R1] Sensor Proxy Version 1.4.0 Fixes Multiple Vulnerabilities
Sensor Proxy Version 1.4.0 Fixes Multiple Vulnerabilities Jason Schavel Thu, 05/21/2026 - 16:00
Sensor Proxy leverages third-party software to help provide underlying functionality....
AWS KY3P report now available for third-party supplier due diligence
We’re excited to announce that Amazon Web Services (AWS) has completed the S&P Global Know Your Third Party (KY3P) assessment of its security posture....
Hackers Use Fake Microsoft Teams Downloads to Deploy ValleyRAT Malware
Hackers have been caught running a deceptive campaign that uses fake Microsoft Teams download websites to trick users into installing ValleyRAT, a remote access...
