Security Influencers provides real-world insight and “in-the-trenches” experiences on topics ranging from software application security to DevOps and cloud security.


Hacked... Because of an Insecure Library

This morning, ZDNet’s Zack Whittaker reported a hacker has targeted the official forum for the mobile game Clash of Kings, stealing nearly 1.6 million accounts. According to the piece, the hacker exploited a known weakness in the forum’s..


Point of View: Congress Ironically Hacks CISA into "Must Pass" Omnibus Spending Bill -- Destroys Privacy

The most recent omnibus spending bill now includes the Cybersecurity Information Sharing Act of 2015.  This bill provides broad protection to companies that share loosely defined "cybersecurity" information with government, even disallowing FOIA..


Point of View: Potential security issues with vehicle to vehicle connected cars

The fundamental problem is that the industry hasn’t created a thorough (and openly available) threat model that adequately considers what hackers might do. The analysis of V2V communications I’ve read focuses on safety issues — what happens under..


Point of View: $100MM cost of hacking

Many people think wires are the most secure way to send large sums of money. I’ve seen how many of these wires get processed, even wires for billions of dollars.  And it’s just like most other enterprise software — lots of vulnerabilities waiting to..


Point of View: Delta flight and airline cybersecurity

This is always the tradeoff…   How do we balance the risk of providing some new, cool, useful feature against the risks that the new feature creates?  What makes this especially hard is that while the benefits are often immediate and concrete,..


Point of View: Senate Stalls Cybersecurity Bill

The rush to "do something" about cyber security issues is leading both legislators and industry to a ridiculous place.

Most people's knee-jerk reaction when thinking about cyber security is that we should go after the attackers.  The thinking is..


Point of View: Chrysler recalls 1.4 million hackable cars

“The interesting thing about this recall is not that it’s going to be expensive and inconvenient (it will), but that it shouldn’t have had to happen.  We already know the importance of auto-update.  Remember those painful years of downloading..


Point of View: Tesla opens up bug bounty program

“Bug bounty programs have been surprisingly effective and I don’t see this being any different for Tesla.  I think they’re smart to start with their website as they learn how to handle the influx of security bug reports.  As they mature, they may..


Point of View: Army's Public Website Hacked by Unknown Intruders

All breaches are not created equal. The Army breach is actually considerably more disturbing than the IRS breach.  


Point of View: Federal Personnel Data Breach

Government agencies are in serious danger from cyber threats. While many have a continuous network security program in place, most have spent very little time securing their applications.  We are going to continue to see breaches of government..
