Improve Risk Perception, Get Better Decisions
Humans are fundamentally wired to take risks, and their decisions are all about taking risks in order to gain some kind of a...
SEARCH
Fahmida Y. Rashid
Senior Managing EditorFahmida brings over a decade of IT security news reporting along with ten years of network administration and software development to Decipher.
Every security story has a human face, and her goal is to bring those stories to light. As the senior managing editor of Decipher, she will focus on ways security can impact how people live, work, and play. She enjoys working on stories that speak to those outside the security industry, highlighting the intersection of security and other technology areas. Over the years, she has seen enough to make her overzealous about her personal threat-model, but she doesn’t hold it against anyone for having a more relaxed worldview.
- fahmida@decipher.sc
- @FYRashid
- 3DF6 3FDA FACC 7BC6
Featured Articles
Severity of FaceTime Bug Depends on Threat Model
Apple is fixing the FaceTime bug, so it is clearly serious. But how bad it will impact users depend on their personal threat...
Government Shutdown Impacts Enterprise Security
The government shutdown isn't impacting just security professionals working for the federal government. Corporate security...
Government Officials Warn of Potential Iranian Cyberattacks
The Iranian government has a lot of options to consider in its response after the United States military killed Qassem Soleimani, the chief of Iran’s Quds Force. Government officials in the United States are warning organizations that cyberattacks are possible, and to step up monitoring.
CISA Seeks Comments on How Government Should Handle Vulnerability Reports
There is still time for security professionals in and out of government to weigh in on CISA's soon-to-be-released directive on how federal agencies should handle vulnerability reports.
BeyondProd Lays Out Security Principles for Cloud-Native Applications
First, it was Beyond Corp, to shift security away from the perimeter and onto individual users and devices. Now it is BeyondProd, to apply zero-trust principles to cloud-native applications and workloads that rely on microservices and communicate primarily over APIs.
Google to Restrict App Access to G Suite Accounts
Google will limit the ability of LSA to access G Suite accounts starting in June, to protect users from account hijacking attempts. The change is to encourage using apps that rely on OAuth 2.0.
Time, Not Money, Kills Bugs
The measure of a bug bounty program's success is not how much researchers were paid, but how the organization handled the volume of new reports. GitLab's James Ritchey share some of the lessons learned in the company's first year of the public bug bounty program.