Weekend Reads 121523

NTT Data has opened a hotel at which it plans to watch people sleep, as part of a plan to gather – and of course sell – data about the snoozing habits of ten million people.

Business and technical leaders should prepare to focus on memory safety in software development, the US Cybersecurity and Infrastructure Agency (CISA) urged on Wednesday.

A proposed fork of the OpenPGP standard, called “LibrePGP” and initiated by GnuPG’s maintainer Werner Koch, has made a series of statements on its own website1 in order to justify its existence.

Cisco has quietly introduced changes to the licensing model for its Catalyst range, and will bring it to more products over time.

ICANN’s response to the European Union’s Network and Information Security Directive (NIS2) is a litmus test on whether its policy processes can address the needs of all stakeholders, instead of only satisfying the needs of the domain industry.

One of the joys of operational privacy professionals is getting that random, Friday afternoon Slack from someone on the product team asking, “Can we [insert questionable action] with our customer data?”

Lackluster security controls in one of Google’s cloud services for data scientists could allow hackers to create applications, execute operations, and access data in Internet-facing environments.

The incident response process can be a maze that security professionals must quickly learn to navigate—which is no easy task. Surprisingly, many organizations still lack a coordinated incident response plan, and even fewer consistently apply it.

The suitability of a data center environment is primarily judged by its effect on the long-term health of IT hardware.

Most of the tech gifted this holiday will end up in a landfill. But Keegan McNamara makes laptops you can pass on to your grandchildren.

This blog acts as a quick guide on network penetration testing, explaining what it is, debunking common myths and reimagining its role in today’s security landscape.

A years-old Bluetooth authentication bypass vulnerability allows miscreants to connect to Apple, Android and Linux devices and inject keystrokes to run arbitrary commands, according to a software engineer at drone technology firm SkySafe.