Smart Car Privacy: Survey of Attacks and Privacy Issues

Automobiles are becoming increasingly important in our day to day life. Modern automobiles are highly computerized and hence potentially vulnerable to attack. Providing many wireless connectivity for vehicles enables a bridge between vehicles and their external environments. Such a connected...

SoK: Stablecoin Designs, Risks, and the Stablecoin LEGO

Stablecoins have become significant assets in modern finance, with a market capitalization exceeding USD 246 billion May 2025. Yet, despite their systemic importance, a comprehensive and risk-oriented understanding of crucial aspects like their design trade-offs, security dynamics, and...

CISO Spotlight: Mike Wilkes on Building Resilience in an Evolving Threat Landscape

Mike Wilkes has had a career many cybersecurity professionals could only dream of. An adjunct professor, former CISO of Marvel and MLS, member of the World Economic Forum, drummer, and board member at the National Jazz Museum in Harlem, his interests and achievements are as eclectic as they are...

The Future of SSL Certificate Management: Adapting to Shortened Renewal Periods

The industry is evolving yet again. With the CA/Browser Forum's recent decision to reduce the maximum SSL/TLS certificate lifecycle to 47 days by 2029, the way organizations manage their certificates is going to change significantly—and sooner than most realize. This update builds on the trend of...

CVE-2023-35800

Stormshield Endpoint Security Evolution 2.0.0 through 2.4.2 has Insecure Permissions. An ACL entry on the SES Evolution agent directory that contains the agent logs displayed in the GUI allows interactive users to read data, which could allow access to information reserved to administrators...

CVE-2023-35799

Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2 has Insecure Permissions. An interactive user can use the SES Evolution agent to create arbitrary files with local system privileges...

UBUNTU-CVE-2023-35799

Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2 has Insecure Permissions. An interactive user can use the SES Evolution agent to create arbitrary files with local system privileges...

CVE-2023-35799

Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2 has Insecure Permissions. An interactive user can use the SES Evolution agent to create arbitrary files with local system privileges...

CVE-2023-35799

Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2 has Insecure Permissions. An interactive user can use the SES Evolution agent to create arbitrary files with local system privileges...

CVE-2021-35957

Stormshield Endpoint Security Evolution 2.0.0 through 2.0.2 does not accomplish the intended defense against local administrators who can replace the Visual C++ runtime DLLs in %WINDIR%\system32 with malicious ones...

Corporate Office and Kitchen Table: Securing the Future of Work, Part 1

The future of work is multi-modal, the future corporate office is a private coffee shop with great Wi-Fi, and the future of enterprise security is going to have to adapt rapidly. If there is a sliver of positivity that I can find in this devastating pandemic, it's that we are adapting and finding...

OWASP Top 10 2017 is Released

The Journey to the New and Improved Ten Most Critical Web Application Security Risks It was not too long ago that protecting your web server infrastructure consisted of simply placing the servers in their own zone behind the firewall and just opening a couple of ports. Outside of endpoint...

Chris Brook Says Farewell to Threatpost

Mike Mimoso talks to Chris Brook who is leaving Threatpost after eight years. Chris recalls the early days of the site and his role in helping get it off the ground. He also talks about how security has evolved right alongside Threatpost. Music by Chris Gonsalves...

The CIO Will Report to the CISO

Note: This article originally appeared on LinkedIn Pulse. If you disagree with me, please visit the LinkedIn post to join the 70+ comments we've gotten so far. As a community we need the open discussion to advance our collective thinking. If you agree, please like, comment and/or share the post...

Evolution and Adaptation in the Security Jungle

CANCUN—One of the more difficult aspects of defending a network or system is trying to keep up with the new tactics and techniques that attackers use. They modify their techniques constantly, and security teams must do they same or they won’t survive. Evolve or die has become the rule. Of course,...