Weekend Reads 051322

Cloudflare, a company that specializes in web security and distributed denial of service (DDoS) attack mitigation, just reported that it managed to stop an attack of an unprecedented scale.

Cloud operators provide price incentives so that users gravitate towards newer generations (and between server architectures). Figure 1 shows lines of best fit for the average cost per virtual central processing unit (vCPU, essentially a physical processor thread as most processor cores run two threads simultaneously) of a range of AWS virtual instances over time.

Passwordless sign-ins are already a practical reality, but they’re sometimes clunky — and three of the biggest tech companies believe they can reduce the friction.

Within a decade, the growth of powerful quantum computers will lead to a new era in security, in which once-impenetrable public-key techniques like RSA and ECC will fall to higher levels of brute force.

Cisco Systems on Wednesday shipped security patches to contain three flaws impacting its Enterprise NFV Infrastructure Software (NFVIS) that could permit an attacker to fully compromise and take control over the hosts.

Developers understand the importance of security, and overwhelmingly want to deploy secure and quality code, but software vulnerabilities continue to be exploited.

The National Institute of Standards and Technology (NIST) on Thursday released updated cybersecurity guidance for managing risks in the supply chain, as it increasingly emerges as a lucrative attack vector.

How much does a typo cost? If you manage a service delivery team for a communication service provider (CSP), the answer can be “quite a lot.”

Over US $43 billion has been lost through Business Email Compromise attacks since 2016, according to data released this week by the FBI.

On a domain, the owner is also able to construct whatever subdomains they wish—a process that is technically achieved via the configuration of records on the authoritative domain name system (DNS) server.

What is less clear is whether the goals and practices of emerging businesses in the web3 sector align with, or stand in conflict with, the ideologies of web3’s most enthusiastic supporters.

China’s Winnti cyberthreat group has been quietly stealing immense stores of intellectual property and other sensitive data from manufacturing and technology companies in North America and Asia for years.

I’ve said this before but it bears repeating: Breaches can happen to anyone. That’s why a company’s response to a breach is more important than almost anything else.

Companies are quickly adopting cybersecurity products and systems that incorporate artificial intelligence (AI) and machine learning, but the technology comes with significant challenges, and it can’t replace human analysts, experts say.

For too long, and for too many organisations, meeting a compliance standard was seen as a satisfactory way to boast of security. The competing ideologies of security versus compliance have long vexed even the most optimistic cybersecurity professional.

Like everything else in the world, the last two years have been a period of disruption and challenge for the IGF. Following a fully remote event at the end of 2020, in 2021 the IGF was held as a hybrid event – a physical meeting in Poland, with fully integrated remote participation.

If you’ve been hoping the PC chip shortage is going to end any time soon, Intel CEO Pat Gelsinger has some bad news for you. According to Gelsinger, things might not get back to normal until well into 2024.

For years, I was safe using what I called the 80:20 rule for predicting broadband customers in a new market. This meant that in most markets, 80% of customers would buy the lowest-priced broadband option.