Security news that informs and inspires

SEARCH

headshot of Fahmida Y. Rashid with teal overlay

Fahmida Y. Rashid

Contributor

Fahmida brings over a decade of IT security news reporting along with ten years of network administration and software development to Decipher. Every security story has a human face, and her goal is to bring those stories to light. As the senior managing editor of Decipher, she will focus on ways security can impact how people live, work, and play. She enjoys working on stories that speak to those outside the security industry, highlighting the intersection of security and other technology areas. Over the years, she has seen enough to make her overzealous about her personal threat-model, but she doesn’t hold it against anyone for having a more relaxed worldview.

  • fahmida@decipher.sc
  • @FYRashid
  • 3DF6 3FDA FACC 7BC6
352 articles by Fahmida Y. Rashid

What Defenders Need to Know About the Latest Struts Flaw

It hasn’t even been a year since the Equifax breach was made public, and Apache has fixed yet another another critical vulnerability in the Struts web application framework. Does your incident response plan include assessing the risk exposure and deploying defenses on top of patch management?

Patching, Vulnerability, Java, Incident Response

NIST Act to Improve SMB Security Becomes Law

Under the newly minted law NIST Small Business Cybersecurity Act, NIST will have a year to release guidance and resources to help small businesses improve their security posture.

Legislation, Government

Clarity Needed Over New Rules on Use of Cyber Weapons

The White House has rescinded the directive that restricted how United States could respond to online attacks. Will this act as deterrence or escalate breaches and attacks into armed conflict?

Government

What IT Needs to Know About Foreshadow

Foreshadow/L1TF refer to a group of vulnerabilities that can be exploited in modern Intel chips using speculative execution attacks to bypass security protections and harvest sensitive information.

Vulnerability, Hardware, Spectre

Microsoft Fixed Multi-factor Authentication Bypass Flaw

The flaw in Microsoft's Active Directory Federation Services lets an attacker use the same second factor to bypass multi-factor authentication for any account running on the same service. Microsoft has patched the flaw.

Microsoft, 2fa, MFA