Recent Posts from Paul Roberts
September 26, 2022
Discrepancies in national vulnerability database reports show the U.S. lags behind China, possibly exposing U.S. firms to cyber attacks, Sophos finds.
September 23, 2022
The shift to remote work punched holes in government networks. But it also fostered a transformation in public-private cooperation, one NSA official noted at LabsCon.
September 8, 2022
In this ConversingLabs podcast, Paul Roberts interviews ReversingLabs researcher Joseph Edwards about his analysis of Follina, a newly discovered exploit.
September 7, 2022
The new guidance codifies lessons from the SolarWinds hack, including for securing third-party code and development pipelines. Here are four key takeaways.
August 12, 2022
GitHub updated guidance on using its Copilot AI-powered code bot after researchers showed at Black Hat that it often generates vulnerable code.
August 3, 2022
Black Hat is best known for hardware and traditional software exploits, but this year it showcases more software supply chain security issues—marking the shift in the threat landscape.
July 21, 2022
The Week in Cybersecurity highlights: An APT group is using Dropbox and Google Drive to cover up attacks, and malware is spreading via Play Store apps.
July 19, 2022
A survey of the post-Log4j landscape found few successful hacks linked to it. The bad news? Log4Shell will linger for years — so you need to prepare.