Blog

The internet infrastructure provider CloudFlare was recently discovered to be leaking server memory, potentially exposing sensitive information such as user passwords, authentication tokens, and other data. Cloudflare’s reverse proxies systems inserted random amount of server memory into webpages. As a result, visitors to these websites had unencrypted memory appended to the bottom of their browser Read more

Numerous organizations made a concerted efforts to move to Agile Development and DevOps. This effort has led to a number of positive steps that the IT security community can leverage to address the software security risks facing them. These steps significantly improve the security, availability, integrity, and reliability of the application portfolio. Effective configuration management Read more

Remember that blog you started a few years ago and haven’t updated? You may have lost interest but internet miscreants will still find your blog quite appealing. Blogging applications like WordPress, drupal, and joomla are all under constant scrutiny by the forces of evil. The latter are looking for outdated versions and plug-ins. Once they Read more

The received wisdom in cybersecurity is to focus resources on protecting the most critical and mission essential systems. However, failure to protect low-sensitivity systems can have dire consequences as the financial giant, JP Morgan-Chase discovered in 2014. With a $250 million cybersecurity program, JP Morgan Chase offers online banking services employing modern cybersecurity best practices. Read more