Malicious Automation is driving API Security Breaches
Removing the ability to automate against a vulnerable API is a huge step forward, as automation is a key enabler for both the exploitation and the extraction of large amounts of...
Spotlight: Making the Most of Cyber Threat Intelligence with Itsik Kesler of KELA
In this Spotlight episode of the Security Ledger podcast, I interview Itsik Kesler, the CTO of the threat intelligence firm Kela about the evolution of threat intelligence and findings from the company’s latest State...
Forget the IoT. Meet the IoZ: our Internet of Zombie things
A school that never sleeps? Cameras that go dark? A dead company hacked back to life? Welcome to the growing Internet of Zombie devices that threatens the security of the Internet....
Beware: Images, Video Shared on Signal Hang Around
A researcher is warning that photos and video files shared in Signal chats may be hanging around on devices, even when they deleted the messages in which the images were shared....
T-Mobile: Leaky API Exposes Data on 37 Million
U.S. Telecommunications giant T-Mobile disclosed on Thursday that hackers obtained data on 37 million customers through a vulnerable API (application program interface). The disclosure was included in an 8-K filing with...
New Report Finds Auto Cyber Is A Dumpster Fire
Automakers swear that the security of their connected vehicles is their top priority. So how come researchers just found dozens of software flaws that could give hackers access to millions of...
IoCs vs. EoCs: What’s the difference and why should you care?
Security analysts and threat hunters know the importance of IOCs – indicators of compromise. But EOCs - enablers of compromise - are just as important.
The post IoCs vs. EoCs: What’s...
Episode 248: GitHub’s Jill Moné-Corallo on Product Security And Supply Chain Threats
In this episode of the Security Ledger Podcast, Paul speaks with Jill Moné-Corallo, the Director of Product Security Engineering Response at GitHub. Jill talks about her journey from a college stint...
Episode 247: Into the AppSec Trenches with Robinhood CSO Caleb Sima
Paul speaks with Caleb Sima, the CSO of the online trading platform Robinhood, about his journey from teenage cybersecurity phenom and web security pioneer, to successful entrepreneur to an executive in...
Cloudflare Targets Security Poverty Line With Free Tools For At-Risk Groups
Humanitarian groups, local governments and non-profits will be able to use Cloudflare’s Zero Trust One suite of security tools at no cost, the company announced.
The post Cloudflare Targets Security Poverty...