ACM.133 Limiting Pass Role permissions using AWS IAM policies This is a continuation of my series on Automating Cybersecurity Metrics. In the last post I wrote about AWS IAM Permission Boundaries. AWS IAM Permission Boundaries In this post we’ll consider permission boundaries with the IAM Pass Role permission. The IAM Pass Role permission How does a […]
Cyber News, Cyber Threat Trends
Defining a nebulous term This is a bonus topic as I’m working through this series on Automating Cybersecurity Metrics and reading other cybersecurity material simultaneously. I have run across a number of interesting definitions of cloud over the years and just recently read one again which prompted me to write this post. It’s just a random […]
Cyber News, Cyber Threat Trends
A recommendation for my email subscribers, due to Medium limitations Just a note to my email list subscribers. For anything I write, you will probably want to check the blog for any updates when you read the posts. Medium will not let me send a link only in email unless I put a paywall in front […]
Cyber News, Cyber Threat TrendsThis is a current list of where and when I am scheduled to speak: I’m speaking at Capricon, a four-day science fiction convention in Chicago. My talk is on “The Coming AI Hackers” and will be held Friday, February 3 at 1:00 PM. The list is maintained on this page.
Cyber News, Cyber Threat TrendsGood advice on buying squid. I like to buy whole fresh squid and clean it myself. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.
Cyber News, Cyber Threat Trends
Cisco has warned of two security vulnerabilities affecting end-of-life (EoL) Small Business RV016, RV042, RV042G, and RV082 routers that it said will not be fixed, even as it acknowledged the public availability of proof-of-concept (PoC) exploit. The issues are rooted in the router’s web-based management interface, enabling a remote adversary to sidestep authentication or execute malicious
Cyber News, Cyber Threat Trends
Popular short-form video hosting service TikTok has been fined €5 million (about $5.4 million) by the French data protection watchdog for breaking cookie consent rules, making it the latest platform to face similar penalties after Amazon, Google, Meta, and Microsoft since 2020. “Users of ‘tiktok[.]com’ could not refuse cookies as easily as accepting them and they were not […]
Cyber News, Cyber Threat TrendsThe updates come from The Guardian’s CEO Anna Bateson and its editor-in-chief Katharine Viner
Cyber News, Cyber Threat TrendsThree weeks after The Guardian newspaper was hit by a ransomware attack, it warns staff members that their personal data was accessed.
Cyber News, Cyber Threat Trends