-
Extension of CVSS-B
The CVSS “Base” Scores (identified since v4 of the definition), or CVSS-B, range from 0 to 10 with 10 being the most severe. Until today, that is.
-
Quis custodiet ipsos nubem?
Microsoft is not having a very good time right now. Their not-so-recent breach (2024-01-19 report) turned out to be a mega-breach (2024-03-08 report), and now seems to have been even more serious (2024-03-11), without clear assurance that the intruders really have been evicted completely, uncertainty over what might have been exfiltrated, and uncertainty over what…
-
Time, Gentlemen
It’s time to fix Police Vetting “It is obvious that Wayne Couzens should never have been a police officer. Whilst holding a position of trust, in reality he was a serial sex offender. Warning signs were overlooked throughout his career and opportunities to confront him were missed. We believe that Sarah died because he was…
-
Insider/Nearsider Subversion of MFA
MFA is becoming ubiquitous for many of us. I’d like to: You what?! So before we get down to subverting some extremely useful and important technology that provides MFA, we should probably define some terms. But MFA is secure, right? Security is a fascinating area. It’s full of edgecases and devil-in-the-detail situations. Sometimes one needs…
-
We Need To Talk About Insider Risk
Note: Some parts of this article are necessarily vague. Nothing here is intended to reveal any sensitive “Capabilities & Methods”. The world of security is a peculiar one. Risk cannot be eliminated completely, and even if one were to try to do this it would almost certainly result in an unusable system. It’s all about…
Proudly powered by WordPress
Gânduri Eclectice - Eclectic Thoughts 