Data Safety and Information Security

Data Safety and Information Security

745 bookmarks
Custom sorting
How to stay safe from repo-jacking
How to stay safe from repo-jacking
Repo-jacking is a specific type of supply chain attack. This blog post explains what it is, what the risk is, and what you can do to stay safe.
·github.blog·
How to stay safe from repo-jacking
The "KeyTrap" DNS vulnerability
The "KeyTrap" DNS vulnerability
DNS resolvers (those that handle DNSSEC, at least) are almost uniformly vulnerable to an exploit that has been named "KeyTrap". In short, the right type of packet can send a DNS system into something close to an infinite loop, taking it out of service indefinitely.
·lwn.net·
The "KeyTrap" DNS vulnerability
How are WLAN Infrastructures in Enterprises Secured?
How are WLAN Infrastructures in Enterprises Secured?
Learn about the scalability challenges of Pre-shared (PSK) configurations in the enterprise, as well as how 802.1X addresses and resolves them elegantly.
·tbhaxor.com·
How are WLAN Infrastructures in Enterprises Secured?
Zero Trust with Zero Data
Zero Trust with Zero Data
The physical world is full of zero trust examples, but they gather attributes for the access control decisions in a very different way than we're used to online.
·windley.com·
Zero Trust with Zero Data
Zero Trust made simple
Zero Trust made simple
Rest assured, adopting a Zero Trust strategy need not be overwhelming or complicated —we encourage gradual implementation and highlight the potential for steady progress and strengthened resilience within any organization. Get started on your Zero Trust journey today.
·networkworld.com·
Zero Trust made simple
Phishing Impact Test Shows the Specific Likely Harms to The Organization Should an Employee's Credentials Be Stolen : @VMblog
Phishing Impact Test Shows the Specific Likely Harms to The Organization Should an Employee's Credentials Be Stolen : @VMblog
Phishing Impact testing from autonomous pentesting company Horizon3.ai fills a knowledge gap by providing organizations with the precise impacts and likely outcomes of a successful phishing campaign on their particular organization and systems, should
·vmblog.com·
Phishing Impact Test Shows the Specific Likely Harms to The Organization Should an Employee's Credentials Be Stolen : @VMblog
Privacy and PDF metadata | forensics
Privacy and PDF metadata | forensics
When you create a PDF file, what you see is not all you get. You also include metadata that you may not be aware of.
·johndcook.com·
Privacy and PDF metadata | forensics
Relationship Based Access Control (ReBAC): When To Use It
Relationship Based Access Control (ReBAC): When To Use It
We will examine Relationship Based Access Control (ReBAC) and its common models that you should not try to implement with roles (RBAC) or attributes (ABAC) to avoid technical debt and security breaches.
·permify.co·
Relationship Based Access Control (ReBAC): When To Use It
Acceptance Networks for Self-Sovereign Identity
Acceptance Networks for Self-Sovereign Identity
We can't have broad adoption of verifiable credentials until we find a way to scale their presentation by providing tooling that credential verifiers can use to reduce their risk and gain confidence in the facts presented to them.
·windley.com·
Acceptance Networks for Self-Sovereign Identity
Level up: Gamify Your Software Security
Level up: Gamify Your Software Security
Incorporating game-like elements can encourage developers to not only prioritize security, but do so in an engaging and rewarding way.
·thenewstack.io·
Level up: Gamify Your Software Security
On the matter of the British Library cyber incident
On the matter of the British Library cyber incident
The most important lesson to figure out is why it is taking so long to restore services. That will tell us how to prevent such a calamity in other vital national institutions.
·ciaranmartin.substack.com·
On the matter of the British Library cyber incident
Locking Down The Edge
Locking Down The Edge
COMMISSIONED: Edge security is a growing headache. The attack surface is expanding as more operational functions migrate out of centralized locations and
·nextplatform.com·
Locking Down The Edge
3 Steps to Reclaiming Your Online Privacy and Security (Part I) - Universal Journal
3 Steps to Reclaiming Your Online Privacy and Security (Part I) - Universal Journal
Explore Zone One, the crucial starting point for bolstering your online privacy and security. Discover essential steps to safeguard your digital life, from password management to minimizing your digital footprint. Take control of your online presence and learn how to protect your personal information effectively.
·universaljournal.net·
3 Steps to Reclaiming Your Online Privacy and Security (Part I) - Universal Journal
How to lock down backup infrastructure
How to lock down backup infrastructure
Ransomware that's aimed at backup infrastructure can put critical backup repositories at risk as well as expose a treasure trove of corporate data.
·networkworld.com·
How to lock down backup infrastructure
How to Not Get Hacked by a QR Code
How to Not Get Hacked by a QR Code
QR codes can be convenient—but they can also be exploited by malicious actors. Here’s how to protect yourself.
·wired.com·
How to Not Get Hacked by a QR Code
Our Take on Verifiable Credentials
Our Take on Verifiable Credentials
An in-depth explanation on Verifiable Credentials from identity first principles, and how and why we think they will happen
·auth0.com·
Our Take on Verifiable Credentials