Fahmida Y. Rashid

Senior Managing Editor

Fahmida brings over a decade of IT security news reporting along with ten years of network administration and software development to Decipher.

Every security story has a human face, and her goal is to bring those stories to light. As the senior managing editor of Decipher, she will focus on ways security can impact how people live, work, and play. She enjoys working on stories that speak to those outside the security industry, highlighting the intersection of security and other technology areas. Over the years, she has seen enough to make her overzealous about her personal threat-model, but she doesn’t hold it against anyone for having a more relaxed worldview.

fahmida@decipher.sc
@FYRashid
3DF6 3FDA FACC 7BC6

Featured Articles

Andy Ellis standing on stage against a black curtain and a RSAC 2019 purple banner

Risk

Improve Risk Perception, Get Better Decisions

Humans are fundamentally wired to take risks, and their decisions are all about taking risks in order to gain some kind of a...

Privacy

Severity of FaceTime Bug Depends on Threat Model

Apple is fixing the FaceTime bug, so it is clearly serious. But how bad it will impact users depend on their personal threat...

Government

Government Shutdown Impacts Enterprise Security

The government shutdown isn't impacting just security professionals working for the federal government. Corporate security...

178 articles by Fahmida Y. Rashid

Capital One Breach Does Not Mean the Cloud is Insecure

Financial services organizations and many other enterprises have hesitated to go all in the cloud, citing concerns about depending on a third-party to protect the data, and the Capital One breach may encapsulate their fears. But the fact is, the cloud provides security benefits, so long as proper controls are put in place.

Cloud, Data Breaches

Capital One Breach Highlights Challenges of Insider Threats

The breach of Capital One data on Amazon Web Services is a insider threat story. Defending from malicious insiders is a different ballgame than from outsiders.

Insider Threat, Data Breaches

Enterprises May Not Know Which Devices Have URGENT/11 Flaws

VxWorks is the operating system no one has ever heard of, but it is widely used in industrial control systems, robotics and automation, industrial control systems, and Internet of Things. The URGENT/11 group of vulnerabilities in these devices can be exploited remotely.

Vulnerability, Internet of Things, Patching, Critical Infrastructure Security

Being on the Latest Windows Version Can Thwart Zero Days

Zero day vulnerabilities exploited in the wild is never good news, but if the user's machine is running the latest version of the operating system, the chances are good that the attack won't be successful against that machine, according to a Microsoft security engineer.

Microsoft, Vulnerability, Windows, Software Security

BlueKeep Exploit on Sale, Now We Wait

What a week for BlueKeep watchers. Chinese-language slide deck appears on GitHub with details on how to use the BlueKeep vulnerability, Immunity includes a working exploit in its penetration testing kit, and the WatchBog cryptocurrency-mining botnet now has a scanner looking for vulnerable Windows machines with Remote Desktop enabled.

Malware, Exploit Sales