On July 19th, 2019 Capital One got the red flag that every modern company hopes to avoid – their data had been breached. Over 106 million people affected. 140,000 Social Security numbers. 80,000 bank account numbers. 1,000,000 Social Insurance Numbers. Pretty messy right? Unfortunately, the 19th wasn’t when the breach occurred. It turns out that… Read More


On July 29, FBI agents arrested Paige A. Thompsonon suspicion of downloading nearly 30 GB of Capital One credit application data from a rented cloud data server. Capital One said the incident affected approximately 100 million people in the United States and six million in Canada. That data included approximately 140,000 Social Security numbers and… Read More


Red faces in Moscow this weekend, with the news that hackers have successfully targetedFSB—Russia’s Federal Security Service. The hackers managed to steal 7.5 terabytes of data from a major contractor, exposing secret FSB projects to de-anonymize Tor browsing, scrape social media, and help the state split its internet off from the rest of the world.… Read More


The Kubernetes project has patched today a dangerous security flaw that could allow for clever hacks where attackers may run code on the host machine. The vulnerability doesn’t impact the Kubernetes system itself, but kubectl (Kube control), the official command-line utility for working with Kubernetes installations. Security researchers have discovered a security flaw in the… Read More


Somerville, Massachusetts just became the second U.S. city to ban the use of facial recognition in public space. The ‘Face Surveillance Full Ban Ordinance,’ which passed through Somerville’s City Council on Thursday night, forbids any “department, agency, bureau, and/or subordinate division of the City of Somerville” from using facial recognition software in public spaces. The… Read More


About a year ago, the U.S.Defense Advanced Research Projects Agency pulled back the covers on its five-year, $1.5-billion scheme to remake the U.S. electronics industry. The Electronics Resurgence Initiative included efforts in “aggressive specialization” for chip architectures, systems that are smart enough to reconfigure themselves for whatever data you throw at them, open-source hardware, 24-hour… Read More


Hi, my name is Reza Nikoopour and I’m a security engineer on the Security team at Riot. My team is responsible for securing Riot infrastructure wherever we’re deployed – whether that means internal or external data centers or clouds. We provide cloud security guidance to the rest of Riot, and we’re responsible for Key Conjurer,… Read More


When it comes to synchronizing large and important networks, for instance in the energy or financial sectors, every microsecond counts. Different protocols have been designed and implemented to achieve such precision. One of the most effective approaches is called IEEE 1588-2008 or the Precision Time Protocol (PTP). But while PTP can in theory help networks… Read More


For more than two hours on Thursday, June 6, a large chunk of European mobile traffic was rerouted through the infrastructure of China Telecom, China’s third-largest telco and internet service provider (ISP). The incident occurred because of a BGP route leak at Swiss data center colocation company Safe Host, which accidentally leaked over 70,000 routes… Read More