Data Safety and Information Security

In an effort to blend in and make their malicious traffic tougher to block, hosting firms catering to cybercriminals in China and Russia increasingly are funneling their operations through major U.S. cloud providers. Research published this week on one such…

Open source tools like Linux Malware Detect and Chkrootkit can alert you to unwanted visitors on your server.

The payment card giant MasterCard just fixed a glaring error in its domain name server settings that could have allowed anyone to intercept or divert Internet traffic for the company by registering an unused domain name. The misconfiguration persisted for…

When malicious hackers exploit vulnerabilities in firewalls, VPNs and routers, it’s not the vendors that get hit — it’s their customers.

Humane Intelligence is a tech nonprofit. A platform for model evaluators & learners to professionalize algorithmic auditing and real-time AI impact assessments.

A free open source social media platform without ads or tracking! Connect with millions of people around the world on the Fediverse (Federated Universe).

Automatically delete your data from tech platforms, except for what you want to keep

The deadliest poison known to AI

Browser-based cryptography has struggled with a longstanding chicken-and-egg problem that predates many features of the modern web, and while some of those features have reduced the problem’s severity, the issue remains: What is the basis for trusting the code that performs browser-based encryption?

I've become very interested in the topic of authorization over the last year and plan to write about it more. I hope you'll follow along.

I got tired with all the AI scrapers that were bullying my git server, so I made a tool to stop them for good.

For months members of the public have been using GeoSpy, a tool trained on millions of images that can find the location a photo was taken based on soil, architecture, and more. It's GeoGuesser at scale.

Software composition analysis (SCA) is a process undertaken to identify and track application code dependencies and also track security and compliance Google has open sourced OSV-SCALIBR (Software Composition Analysis LIBRary). With open source vulnerability (OSV) issues always in the spotlight, this could be a welcome development.

Open Policy Administration Layer (OPAL) is an open-source administration layer for OPA and AWS' Cedar Agent that allows you to keep your authorization layer up-to-date in real time

As per a recent Bambu Lab blog post, its FDM printers in the X1 series will soon receive a firmware update that adds mandatory authentication for certain operations, starting with the firmware upda…

Learn about Policy as Code, its use cases, and challenges from leading software developers. Discover tools and frameworks for policy as code implementation, and dive into policy languages like Rego, Cedar, and OpenFGA.

Abstract

A look at four ways that AI is reshaping hacking and malware development, and how we can stay vigilant in response.

Impersonate JA4 and H2 fingerprint of the latest version of Chrome, Firefox

Learn how to build AI agents to solve security challenges using the CrewAI framework.

An Apostille is similar to notarization to certify a document, but intended for use in another country. Apostille is defined by a Hague conv...

Why is the cyber resilience of network devices lagging and what can you do about it? The answer: Leverage automation.

Using an agentless SSH approach, Vuls allows you to scan multiple operating systems using multiple methods, such as fast scan and deep scan.

This letter was originally published in our 2024 Annual Report. The past year at ISRG has been a great one and I couldn’t be more proud of our staff, community, funders, and other partners that made it happen. Let’s Encrypt continues to thrive, serving more websites around the world than ever before with excellent security and stability. Our understanding of what it will take to make more privacy-preserving metrics more mainstream via our Divvi Up project is evolving in important ways.

Python security developer-in-residence decries use of bots that 'cannot understand code'

The security system that underlies the internet makes use of a curious fact: You can broadcast part of your encryption to make your information much more secure.