Home Podcasts Videos Guest Posts Q&A My Take Bio Contact

Top Stories


GUEST ESSAY: The timing is ripe to instill trust in the open Internet — and why this must get done

By Hannah Aubry

In today’s digital age, trust has become a cornerstone of building a better Internet.

Preserving privacy for a greater good

The Internet was designed as a platform for peer research, not for the vast scale and diverse uses we see today. Over the decades, it’s grown in a way that has left it with many inherent vulnerabilities.

These vulnerabilities, not borne out of malice, were the result of choices made with limited information available at the time.

Fastly addresses these technological vulnerabilities by utilizing tools like Rust and WebAssembly. Leveraging WebAssembly’s sandboxing capabilities allows us to isolate potential risks, while Rust provides the memory safety essential for our modern internet applications.

Taming the human side

But the challenges facing the internet don’t just lie in its technical foundations. The societal aspects of technology, the human side, have grown equally unruly.

The trust deficit we experience today is palpable. People are wary of technology and its creators. Our major platforms, tools integral to modern life, are now used as vehicles for misinformation and chaos. A disconnect exists between those

Black Hat Fireside Chat: The impactful role crowdsourced security intelligence must play

By Byron V. Acohido

From Kickstarter to Wikipedia, crowdsourcing has become a part of everyday life.

Sharing intel for a greater good

Now one distinctive type of crowdsourcing — ethical hacking – is positioned to become a much more impactful component of securing modern networks.

I had a terrific discussion about this at Black Hat USA 2023 with Casey Ellis, founder and CTO of Bugcrowd, a pioneer in the crowdsourced security market. Bugcrowd ushered in crowdsourced security with its launch in 2012, and today a covey of vendors have followed suit, each supplying intricate platforms to connect hackers with proven skillsets to companies that have particular needs.

“What we’ve got under the hood is effectively a dating website for people who are good at breaking into computers,” Ellis says.

Crowdsourced security vendors (others include Synack, Hacker One and Intigriti) make it seamless for companies to tap into a global network of software coders, and set them on

GUEST ESSAY: Robust data management can prevent theft, guard intellectual property

By Clark Frogley

In an era of global economic uncertainty, fraud levels tend to surge, bringing to light the critical issue of intellectual property (IP) theft.

Related: Neutralizing insider threats

This pervasive problem extends beyond traditional notions of fraud, encompassing both insider threats and external risks arising from partnerships, competitors, and poor IP management. Organizations dedicate substantial resources to detecting and preventing fraudulent activity in customer accounts.

Yet, the rise of internal fraud presents a unique challenge. Perpetrated by insiders who already possess unrestricted access to highly sensitive data and systems, internal fraud not only defies easy prevention but also imposes substantial costs.

Annually, American businesses suffer losses exceeding $50 billion, underscoring the impact on competitiveness in today’s fiercely competitive landscape. To navigate this complex landscape, business leaders must strike

GUEST ESSAY: Securing your cryptocurrency — best practices for Bitcoin wallet security

By Ronin Ashford

Over time, Bitcoin has become the most widely used cryptocurrency in the world. Strong security measures become increasingly important as more people use this digital currency.

Preserving privacy for a greater good

For managing and keeping your Bitcoin assets, you must need a bitcoin wallet, which is a digital version of a conventional wallet. The protection of your priceless digital assets will be guaranteed by this article’s discussion of the best techniques for protecting your Bitcoin wallet.Bu

A Bitcoin wallet is a piece of software that enables users to transmit, receive, and store bitcoins securely. While it performs similarly to a regular wallet, it stores digital assets in the form of cryptographic keys rather than actual cash or credit cards. These wallets are available in a variety of formats, including hardware wallets, online wallets, mobile wallets, and desktop wallets. Users can select depending on their unique needs

News Alert: Reflectiz declares war on Magecart web-skimming attacks as holidays approach

Tel Aviv, Israel, Sept. 5, 2023 — Reflectiz, a cybersecurity company specializing in continuous web threat management offers an exclusive, fully remote solution to battle Magecart web-skimming attacks, a popular type of cyberattacks involving injecting malicious code into the checkout pages.

As the Holiday Season approaches, online retailers face the challenge of protecting their websites against the growing threat of malicious attacks, such as Magecart. However, they struggle to add new security layers due to restrictions on modifying their website code to avoid impacting website performance during the peak shopping season.

Reflectiz, a unique web security tool, ensures 100% readiness for Magecart attacks before and during the Holiday Season. This is made possible by Reflectiz’s external, non-intrusive solution, requiring

STEPS FORWARD: Regulators are on the move to set much needed IoT security rules of the road

By Byron V. Acohido

New government rules coupled with industry standards meant to give formal shape to the Internet of Things (IoT) are rapidly quickening around the globe.

Preserving privacy for a greater good

This is to be expected. After all, government mandates combined with industry standards are the twin towers of public safety. Without them the integrity of our food supplies, the efficacy of our transportation systems and reliability of our utilities would not be what they are.

When it comes to IoT, we must arrive at specific rules of the road if we are to tap into the full potential of smart cities, autonomous transportation and advanced healthcare.

In the absence of robust, universally implemented rules of the road, cybercriminals will continue to have the upper hand and wreak even more havoc than they now do. Threat actors all-too-readily compromise, disrupt and maliciously manipulate the comparatively simple IoT systems we havein operation today.

I had an eye-opening conversation about all of this with Steve Hanna, distinguished engineer at Infineon Technologies, a global semiconductor manufacturer based in Neubiberg, Germany. We went over how governments around the world are stepping up their efforts to impose IoT security legislation and regulations designed to keep users safe.

This is happening at the same time as tech industry consortiums are

Black Hat Fireside Chat: How ‘enterprise browsers’ serve as a checkpoint to stop ChatGPT leakage

By Byron V. Acohido

For a couple of decades now, the web browser has endured in workplace settings as the primary employee-to-Internet interface. It’s really just assumed to be a given that a browser built for consumers is an acceptable application for employees to use to work.

Preserving privacy for a greater good

And despite advances, like sandboxing, browser isolation and secure gateways, the core architecture of web browsers has remained all-too vulnerable to malicious attacks.

There was a lot of buzz at Black Hat USA 2023 about advanced “enterprise browsers.” I visited with Uy Huynh, vice president of solutions engineering at Island.io, to discuss this. For a full drill down please give the accompanying podcast a listen.

Built on the Chromium open source code, Island’s Enterprise Browser recognizes the identity and considers the role of each user—be it an employee, contractor, or HR personnel. This granular visibility aids in rapid onboarding while also bolstering security protocols, Huynh explained.

This can serve as a “last mile” checkpoint to curtail Shadow IT; in particular,