Trust and Transparency in the Hardware Supply Chain

Intel is a sponsor of TechSpective Organizations invest a lot of resources and effort to secure and protect their devices and IT environment, but there is growing concern over the parts that make up the equipment. The supply chain exposes organizations to risk because counterfeit parts may create safety hazards, ... Read More

Intel Bug Bounty Program Improves Security and Drives Community Engagement

Intel is a sponsor of TechSpective Vulnerabilities are a fact of life. Organizations and developers strive to develop secure code, but the reality is that there is no such thing as perfect when it comes to either coding applications or security. The focus should be on streamlining discovery of vulnerabilities ... Read More

Remote Workers Don’t Have to Be Insecure Workers

These are unprecedented times. As countries around the world struggle to contain and respond to the COVID-19 pandemic, businesses of all sizes and across all industries find themselves suddenly trying to maintain business continuity with an entirely remote, work-from-home workforce. As a result of the dramatic spike in remote endpoints—many ... Read More

Researcher Discovers Zero Day Vulnerability Using Homoglyph Characters

One of the most common sneaky tricks on the web is typo squatting. Attackers know that someone trying to type “disney.com” can very easily type “dinsey.com” or “disnet.com” on accident, and they register those domains to redirect those mis-typed domains to a phishing or shady website of some sort. Matt ... Read More

Intel Report Reveals Security Insights and Highlights the Value of Transparency

Intel is a sponsor of TechSpective There is no such thing as perfect when it comes to technology. When you’re dealing with millions of lines of code and an evolving attack ecosystem, it’s inevitable that bugs will be found. What’s important is for vendors to acknowledge this reality and work ... Read More

Fabian Wosar Joins Me to Chat about Ransomware and Data Privacy

My guest for this episode is Fabian Wosar, CTO of Emsisoft. Emsisoft is a New Zealand-based maker of antimalware and endpoint security solutions that has established itself as a leader in the fight against ransomware. This is a really awesome conversation–so much so that we got off topic very quickly ... Read More
compliance

3 Strategies for Better Security and Compliance

If you’ve ever rowed a boat with someone else, you know that it’s very difficult to make progress if two people are rowing in different directions. Imagine if you could add a third rower trying to pull you off in another direction entirely. According to a new report, that is ... Read More
Security Boulevard

Coordinating Efforts for More Effective Security and Compliance

A company is a single entity, but it is comprised of various teams and individuals. Everyone in the company is ostensibly working toward common goals and objectives, but the perspectives and priorities can vary—and sometimes overlap or conflict—from one department to the next, especially when it comes to cybersecurity and ... Read More

The Practical, Ethical, and Compliance Challenges of Data Privacy

Today is Data Privacy Day. Businesses and individuals around the world recognize January 28 as a day to raise awareness about data privacy challenges and reiterate data protection best practices. One of the things that is still often missed, though, is that it’s not realistic to approach data privacy from ... Read More

Patch or Mitigate Dangerous Microsoft Windows CryptoAPI Spoofing Vulnerability ASAP

Qualys is a sponsor of TechSpective Microsoft kicked off the new decade with a bang. Last Tuesday was the first Microsoft Patch Tuesday of 2020, and one of the patches pushed out by Microsoft addresses a dangerous flaw in Crypt32.dll that could allow attackers to spoof signatures on encrypted communications ... Read More