-
22 votes
-
Researchers explain that it is easy to redirect LLM equiped robots, including military and security robots in dangerous ways
15 votes -
Top US senator calls Salt Typhoon ‘worst telecom hack in our nation’s history’
36 votes -
‘Do not pet’: A robotic dog named “Spot” made by Boston Dynamics is the latest tool in the arsenal of the US Secret Service
20 votes -
Post-OCSP certificate revocation in the Web PKI
2 votes -
Dozens of activists get four to ten years in prison in Hong Kong's biggest national security case
12 votes -
Warrant canaries and disclosure by design: The real threat to national security letter gag orders
8 votes -
When Machine Learning Tells the Wrong Story
6 votes -
iPhones stored for forensic analysis reboot, causing problems
14 votes -
Bitwarden switches password manager and SDK to GPL3 after FOSS-iness drama
54 votes -
Sweden rejects applications for thirteen offshore wind farms – government believes building them would have unacceptable consequences for national defence
11 votes -
Project Zero: Using large language models to catch vulnerabilities in real-world code
7 votes -
Lawsuit: City cameras make it impossible to drive anywhere without being tracked | "Every passing car is captured," says 4th Amendment lawsuit against Norfolk, VA
52 votes -
Exploding pagers, Hezbollah and Israel - The events, outcomes and value of supply chain security
13 votes -
Passwords have problems, but passkeys have more
35 votes -
Should we chat, too? Security analysis of WeChat’s MMTLS encryption protocol.
13 votes -
Encrypted Root with LUKS and Opal
6 votes -
1 bug, $50,000+ in bounties, how Zendesk intentionally left a backdoor in hundreds of Fortune 500 companies
32 votes -
Hackers take control of robot vacuums in multiple US cities, yell racial slurs
37 votes -
Facing scrutiny over global outage, cybersecurity firm CrowdStrike on track for record year of federal lobbying spending
17 votes -
More people than ever are trying to hack the US government--and they love it
11 votes -
Reversing file access control using disk forensics on low-level flash memory
6 votes -
Norway may put a fence along part or all of the 198-kilometer border it shares with Russia – move inspired by a similar project in its Nordic neighbor Finland
17 votes -
Using YouTube to steal your files
40 votes -
Kaspersky deletes itself, installs UltraAV antivirus without warning
22 votes -
SS7: A mobile network operator protocol with scary vulnerabilities
29 votes -
The confessions of Marcus Hutchins, the hacker who saved the internet (2020)
38 votes -
Data security help - SOC2ish
Hi Tilderinos, I head up a small startup and we're looking to get some support for our data security. Up until now we've worked with small mom and pops that didn't have any requirements, but a few...
Hi Tilderinos,
I head up a small startup and we're looking to get some support for our data security. Up until now we've worked with small mom and pops that didn't have any requirements, but a few of our new clients have full data security teams and our infrastructure and policies/protocols aren't up to snuff. We reached out to a few consulting firms and they quotes us between $80-100k to get things set up and run us through a full SOC2 review. As a small company we don't really have that type of budget, more like $40-50k. I stumbled upon Vanta and Drata as alternatives and had meetings with their sales folks last week. Both of their offerings from setting up our protocols to monitoring and getting us through a SOC2 were only $16k.
Are platform based companies like Vanta or Drata enough to get us off the ground while we're still getting set up? Has anyone worked with them before and have any feelings one way or the other? Should we be signing on with a security consulting company - be it at a lower rate if we can negotiate it?
This is all quite new to me and any insight folks here can provide would be incredible useful.12 votes -
Inside Elon Musk’s mushrooming security apparatus
8 votes -
China's Arctic dreams make the Norwegian port of Kirkenes a global prize – and an unlikely hotbed of East-West rivalry
6 votes -
How CrowdStrike stopped everything. “The failures cascaded as dependent systems crashed, halting operations across multiple sectors."
17 votes -
CrowdStrike estimates the tech meltdown caused by its bungling left a $60 million dent in its sales
37 votes -
Lawsuits against Crowdstrike begin with Delta Airlines and Crowdstrike shareholders filing suit
21 votes -
Bypassing airport security via SQL injection
54 votes -
Chinese government hackers penetrate US internet providers to spy
17 votes -
Israeli cabinet trades insults over ‘Jewish terrorism’ warning. Far-right security minister accused by defence minister and intelligence chief of endangering nation.
9 votes -
Microsoft to host security summit after CrowdStrike disaster
16 votes -
Top companies ground Microsoft Copilot over data governance concerns
23 votes -
“Something has gone seriously wrong,” dual-boot systems warn after Microsoft update
43 votes -
The gigantic and unregulated power plants in the cloud
12 votes -
Digital Euro has Germans fretting their money won’t be secure
16 votes -
EFF’s concerns about the UN draft Cybercrime Convention
9 votes -
Signal developer explains why early encrypted messaging tools flopped
35 votes -
Delta CEO says CrowdStrike-Microsoft outage cost the airline $500 million, will seek damages
44 votes -
USENIX Security '18: Why do keynote speakers keep suggesting that improving security is possible? (AI, IoT)
7 votes -
Mayor of Oslo warns that drug smugglers are increasingly targeting the Norwegian capital as a gateway to Europe as authorities tighten controls on major ports such as Antwerp
7 votes -
Los Angeles police department warns residents after spike in burglaries using Wi-Fi jammers that disable security cameras, smart doorbells
42 votes -
A network of community activists in small towns and huge cities are helping get food to the people who most need it
17 votes -
FrostyGoop malware attack cut off heat in Ukraine during winter
17 votes -
CrowdStrike global outage to cost US Fortune 500 companies $5.4bn
35 votes