Fahmida brings over a decade of IT security news reporting along with ten years of network administration and software development to Decipher. Every security story has a human face, and her goal is to bring those stories to light. As the senior managing editor of Decipher, she will focus on ways security can impact how people live, work, and play. She enjoys working on stories that speak to those outside the security industry, highlighting the intersection of security and other technology areas. Over the years, she has seen enough to make her overzealous about her personal threat-model, but she doesn’t hold it against anyone for having a more relaxed worldview.
Like the earlier Meltdown and Spectre class of bugs, the new side-channel attacks ZombieLoad, RIDL, and Fallout take advantage of weaknesses in the processor's speculative execution feature to harvest secrets from system memory.
End-of-life doesn’t mean no longer a threat. Microsoft decided to release security updates for no longer supported Windows 2003 and Windows XP systems to fix a bug that could be exploited by a worm.
The Verizon Data Breach Investigations Report isn’t just full of interesting data breach statistics; it also offers enterprise defenders valuable insights on the kind of real-world threats they should be worrying about.
Google I/O is a good place to announce a whole lot of new privacy features “coming soon." It is also a good place to bury plans to change how Google will handle HTTP cookies in Chrome.
While it’s intriguing that the Dark Web may be smaller than perceived, it was never the biggest threat to enterprises.