Attacks Based on Credential Theft On The Rise, DBIR Says
In the 13th Data Breach Investigations Report, Verizon researchers found that attackers are relying less on malware and more on...
SEARCH
Fahmida Y. Rashid
Senior Managing EditorFahmida brings over a decade of IT security news reporting along with ten years of network administration and software development to Decipher.
Every security story has a human face, and her goal is to bring those stories to light. As the senior managing editor of Decipher, she will focus on ways security can impact how people live, work, and play. She enjoys working on stories that speak to those outside the security industry, highlighting the intersection of security and other technology areas. Over the years, she has seen enough to make her overzealous about her personal threat-model, but she doesn’t hold it against anyone for having a more relaxed worldview.
- fahmida@decipher.sc
- @FYRashid
- 3DF6 3FDA FACC 7BC6
Featured Articles
Decipher Library: First Edition
We've put together a list of security and privacy related book recommendations from people across the industry, from technical...
Security Norms Must Shift in a Crisis
With so many employees and contractors working remotely, security teams and CISOs grapple with the job of continuing to protect...
Spyware for Targeted APT Campaign Sneak into Google Play
Kaspersky researchers discuss how a targeted campaign against Android users in Southeast Asia relied on spyware apps that snuck onto official app marketplaces such as Google Play.
US, Australia Warns About Web Shell Malware
The National Security Agency and the Australian Signals Directorate jointly issued a Cybersecurity Information Sheet with guidelines for enterprises on how to defend web servers from web shell exploits.
Understanding Asset Mix for Effective Vulnerability Management
Which platform is the riskiest: Windows, Mac, Linux, Unix, or a networking device? Latest research from Kenna Security and Cyentia Institute shows that CISOs have to consider both the number of vulnerabilities and how issues are addressed in order to determine risk.
CISA Urges Resetting Active Directory After Patching VPN
Vulnerabilities need to be patched, but security doesn’t stop with updates since the attackers may already be inside the network. Additional steps may be necessary, such as resetting passwords and looking for evidence of other types of infection or compromise.
Managing Vulnerabilities by Crowd-Sourcing Threat Details
Thousands of software vulnerabilities are made public each year, leaving IT and security teams to sift out irrelevant issues from the bugs that need to be fixed. Rapid7's Attacker Knowledge Base brings crowd-sourced feedback to enterprise defenders to help them figure out which flaws to pay attention to.