Security news that informs and inspires

SEARCH

headshot of Fahmida Y. Rashid with teal overlay

Fahmida Y. Rashid

Contributor

Fahmida brings over a decade of IT security news reporting along with ten years of network administration and software development to Decipher. Every security story has a human face, and her goal is to bring those stories to light. As the senior managing editor of Decipher, she will focus on ways security can impact how people live, work, and play. She enjoys working on stories that speak to those outside the security industry, highlighting the intersection of security and other technology areas. Over the years, she has seen enough to make her overzealous about her personal threat-model, but she doesn’t hold it against anyone for having a more relaxed worldview.

  • fahmida@decipher.sc
  • @FYRashid
  • 3DF6 3FDA FACC 7BC6
352 articles by Fahmida Y. Rashid

Applications Using Apache .htaccess at Risk for Attacks

The original vulnerability may be in a jQuery plugin, but the disconnect in how web developers use .htaccess with the Apache web server and how the server is actually configured means there are potentially more applications out there that are vulnerable to attack.

Vulnerability, Appsec, Apache

Android License Changes Raise Security Questions

Android has long been viewed as the less-secure mobile operating system compared to iOS, and Google's licensing changes to comply with the European Commission's anti-trust ruling can potentially make the ecosystem's overall security situation worse.

Android, Google, Mobile

New California Law Requires Strong Passwords for Internet of Things

Thank you California. Gov. Brown has signed into the law that requires manufacturers to give Internet-connected devices unique passwords and not weak passowords like "admin" by default.

Iot Security, Legislation

Chinese Spies Planted Hardware Backdoors on Servers in Supply Chain Attack

Whether or not Chinese spies actually planted rogue chips into Super Micro servers, this kind of supply chain attack is feasible. This is just the tip of the iceberg.

Supply Chain, Hardware, Data Breaches

After Account Breach, Attackers Can Use Single Sign-On to Take Over More Accounts

Facebook revoked its session tokens after the massive breach. A team of researchers from the University of Illinois at Chicago lay out what attackers could do with those session tokens if they hadn't been reset.

Data Breaches, SSO