SEARCH
CSRB: Microsoft Should Refocus on Security After Cloud Intrusion
The Cyber Safety Review Board cited a string of internal failures in Microsoft's security culture as contributing factors for the 2023 compromise of more than 20 customers' cloud email inboxes by a Chinese threat group.
Decipher Podcast: Dan Lorenc Returns
Dan Lorenc, co-founder and CEO of Chainguard, joins Dennis Fisher to dig into the recent XZ Utils backdoor incident, the implications for the open source ecosystem, and what can be done to avoid similar incidents in the future. Then they discuss the problems facing NIST's National Vulnerability Database and the CVE ecosystem.
Carefully Crafted Campaign Led to XZ Utils Backdoor
The person or people that implanted malicious code into XZ Utils put time and effort into building trust in the open source software ecosystem.
Decipher Podcast: Source Code 3/29
Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.
CISA Releases Cyber Incident Reporting Rule Draft
CISA has laid out the proposed details of the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA).