Data Breaches: All Your Fault

One part of my job is to understand the compliance landscape. This means that I read a lot about the GDPR and related similar laws. I also have to...

Security Scar Tissue Can Make Organizations Smarter and Stronger

IT pros slammed again and again by security breaches can become desensitized--or they can gain strength from the experiences.

Stop a Login

Securing Code Early

Last year I started to get alerts from Microsoft Repos that someone had put a piece of security information in their code that pertained to one of my Azure services. At first I was worried, but then I realized this was the public version of AdventureWorks we maintain in Azure. We've published the login so […]

Renaming a login

Microsoft's Cloud Email Breach Is a Cause for Concern

NEWS ANALYSIS: Potentially millions of Microsoft email users on Outlook, Hotmail and MSN mail had their email information exposed after a Microsoft support person was breached, exposing a wider...

Microsoft Adds Single Sign-On to Azure

The latest update to Microsoft's Azure AppFabric cloud-computing platform includes support for a harmonized online identity with single sign-on support for multiple credential providers.

Don’t trust the locals: investigating the prevalence of persistent client-side cross-site scripting in the wild

Does your web application make use of local storage? If so, then like many developers you may well be making the assumption that when you read from local storage,...

Serious flaws leave WPA3 vulnerable to hacks that steal Wi-Fi passwords

Next-gen standard was supposed to make password cracking a thing of the past. It won't.

TajMahal Spyware

Kaspersky has released details about a sophisticated nation-state spyware it calls TajMahal: The TajMahal framework's 80 modules, Shulmin says, comprise not only the typical keylogging and screengrabbing features of...