README_
Verified
Online/Digital
README is a publication covering the issues, ideas and people shaping the future of cybersecurity. Its aim is to foster new conversations and become a platform for both provocative and practical viewpoints. README is published by Synack. Source
Actions
Media Outlet details
| Scope | National |
|---|---|
| Language | English |
| Country | United States of America |
|
Similarweb UVM |
Request pricing |
|
Comscore UVM |
Request pricing |
Recent Articles
Search ArticlesU.S. cyber board’s Lapsus$ postmortem, CPU vulns and remembering Vim’s creator
Welcome to Changelog for 8/13/23, published by Synack! Nathaniel Mott here with a special announcement: README and Changelog will be migrating from the Medium ecosystem to a new website this week! If you want to continue receiving Changelog, no action is needed. If you don’t want to continue receiving newsletters, we understand (although we’ll miss you), and please unsubscribe via the link at the bottom of this email by next Sunday.
Back-to-back Ivanti vulns, Microsoft woes and robocaller schadenfreude
Welcome to Changelog for 8/6/23, published by Synack! Nathaniel Mott here with the week’s security news. Yes, README will be covering Black Hat and DEF CON later this week, so stay tuned for highlights from Hacker Summer Camp. Safe travels to everyone heading to and from Las Vegas! When it rains, it pours. The Wall Street Journal reported on Aug.
Disruptive Chinese malware, Storm-0558 fallout and SEC cyber rules
Welcome to Changelog for 7/30/23, published by Synack! Nathaniel Mott here, still parsing the New York Times’ blockbuster report Saturday citing intelligence that China “has hidden deep inside the networks controlling power grids, communications systems and water supplies that feed military bases in the United States and around the world.” It’s not that China doesn’t pose a pervasive cyberthreat to U.S. interests — I’ve just seen threats to power grids overstated in the past, so I’m not sure...
Google cuts the cord, Microsoft takes a security pay cut and the U.S. slaps spyware firms
Welcome to Changelog for 7/23/23, published by Synack! Nathaniel Mott here, braving ongoing thunderstorms throughout upstate New York to bring you the week’s most noteworthy goings-on in cybersecurity. Google is pulling a Thanos. Not that it’s looking to wipe out half of all life in the universe — at least to my knowledge — but in that it’s seeking to bring an unconventional sort of balance to the security world.
Attackers are on the edge. Where are defenders?
VPNs, virtualization hosts, secure email gateways and other network “edge” devices have become a common entry point for attackers in significant enterprise breaches. How can defenders respond? The emails looked like any other spam — many simply saying “Your website is error,this is report snapshot” — and included a JPEG image or TAR archive attachment.
China’s U.S. agency hacking spree, zero-days galore and USB malware
Welcome to Changelog for 7/16/23, published by Synack! Nathaniel Mott here, signing in from upstate New York. README was onsite at the Intelligence and National Security Summit in National Harbor, Md., where editor-in-chief Blake Sobczak picked up the conference highlights from the two-day annual conference.
Top cyber takeaways from the Intelligence and National Security Summit
Concerns about China and generative AI dominated the cybersecurity discussions at the tenth edition of the Intelligence and National Security Alliance’s annual gathering, which drew hundreds of security professionals, spies and government experts. NATIONAL HARBOR, MD. — Chinese hackers breached the email accounts of at least two dozen organizations, U.S. security officials and Microsoft announced on the eve of the annual Intelligence and National Security Summit here.
TrueBot rises, a major port gets ransomwared and EVs’ cyber problem
Welcome to Changelog for 7/9/23, published by Synack! Nathaniel Mott here, hoping we can all finally catch a break from the big East Coast heat wave last week. In the meantime, here’s what’s been hot in the world of cybersecurity. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and its partners said last week that activity involving variants of the TrueBot malware downloader is on the rise throughout the U.S. and Canada.
The SEC goes after SolarWinds, LockBit extorts TSMC and a high school password fail
Welcome to Changelog for 7/2/23, published by Synack! Nathaniel Mott here, ready to jinx everyone’s Fourth of July by bringing up the “K” word (Kaseya!). But more on that after a quick breakdown of the week’s security news. It looks like CISOs are back on the menu.
Apple patches zero-days, MOVEit Transfer vuln leaks and the FBI gets cute
Welcome to Changelog for 6/25/23, published by Synack! Nathaniel Mott here after our Juneteenth break with the latest security news. So much for Apple helping the NSA compromise iPhones in the former Soviet bloc. The company released updates for macOS, iOS and iPadOS on June 21 to address a trio of actively exploited zero-day vulnerabilities in the XNU kernel and WebKit browser engine it uses across its many platforms.