Ineffectual confirmation of a user's identity or authentication in session management. One of OWASP's top-ten categories of application security risk. "OWASP identification and authentication failure" ...

An attack technique that leverages an unprotected web server as a proxy for attackers to send commands through to other computers. "OWASP server-side request forgery" on the Word Notes podcast.

Terms often used in discussions of cyber security, briefly defined. Your corrections, suggestions, and recommendations for additional entries are welcome: email the editor at [email protected].

President Biden's May, 2021 formal compliance mandate for federal civilian executive branch agencies, or FCEBs, to include specific shortterm and longterm deadlines designed to enhance the federal ...

TechCrunch reports that Israeli cloud security startup Upwind is preparing to close a $100 million Series B round from Craft Ventures, Greylock, Cyberstarts, Leaders Fund, and others. The funding ...

Nic Fillingham is a Senior Program Manager at Microsoft in the MSRC organization leading the BlueHat program. Originally from Australia, Nic has worked at Microsoft for almost 20 years across multiple ...

Federal agencies and Five Eyes partners list the past year’s most exploited vulnerabilities. U.S. authorities hand down indictments in the Snowflake customer breach. Patch Tuesday updates. Zoom ...

A defensive cyber operation carried out by US Cyber Command’s Cyber National Mission Force (CNMF) at the request of an allied nation. "hunt forward operation" on the Word Notes podcast.

Andrew Hammond, Ph.D. is Historian & Curator at the International Spy Museum, home of the world's preeminent collection of intelligence-related artifacts. Previous chapters have included seven years ...

To get access to ad-free episodes, exclusive podcasts, unlimited briefings, stories, and transcripts, and other valuable bonus features sign up today. Federal agencies and Five Eyes partners list the ...

"It’s not all numbers and dashboards—sometimes, CMO success boils down to building trust and a team that clicks." This week on Cyber CMO Confidential, we’ve got Thomas Bain, the CMO of VulnCheck, ...