David Strom


Latest from David Strom

ANALYSIS

The changing economics of open-source software

The world of open-source software is about to go through another tectonic change. But unlike earlier changes brought about by corporate acquisitions, this time it’s thanks to the growing series of tech layoffs. These could lead to many projects being crippled because their principals are now unemployed or will get new jobs in less open-favorable ...

COMMENTARY

Here are the major security threats and trends for 2024 – and how to deal with them

What a year 2023 was for cybersecurity! It was a year the world became obsessed with generative artificial intelligence — and a year that brought new breaches with old exploits, a year that brought significant consolidation in the security tools marketplace, and a year when passkeys finally took hold, at least for consumers. Are businesses ...

Akamai finds new Outlook exploits that leverage sound file attachments

Akamai Technologies Inc. researcher Ben Barnea has found two vulnerabilities in Windows Outlook clients that could cause remote code execution by attackers sending specially crafted sound file attachments. Both build on exploits that were previously discovered and only partially remediated by Microsoft Corp. in March, August and October. Barnea posted two blog posts ...

How the maturing ‘infrastructure-as-code’ market has changed the path of software development

Infrastructure as code, the practice of managing and provisioning cloud infrastructure through software code rather than manually, may be the darling of many analysts, as the IaC market is projected to reach more than $2 billion in 2027. But it’s going through some growing pains as it matures. A recent analysis by Jason Turim on ...

Ukraine’s largest telecom carrier hit with cyberattack of presumed Russian origin

Updated below: The largest telecom provider in Ukraine today was hit with a crippling cyberattack, presumably from a Russian source, that left millions of people without cell and internet services. Kyivstar, which has 24 million subscribers, reported via its Facebook page that it got hit by a powerful cyberattack that led to a “large-scale technical failure,” according to ...

Cloudflare reveals growth in internet traffic report and outages

As massive as it already is, global internet traffic grew by 25% from last year, with Google the most popular general service provider and OpenAI the most popular generative AI provider, Cloudflare Inc. revealed today in its annual review of global internet traffic and trends based on its Radar telemetry. Starlink made high-performance internet available in ...

Data breaches reach all-time high, according to a new report from MIT

Threats and data breaches are increasing at an alarming rate across the board, according to a new study commissioned by Apple Inc. Breaches are at an all-time high, ransomware is on the rise and more dangerous than ever, and third-party and supply chain exploits are also getting more targeted, more effective and more pervasive, according to ...

North Korean hackers Lazarus Group takes new Telegram tactics

Cisco Systems Inc.’s Talos Intelligence unit posted today new findings about the North Korean hacking group called Lazarus that outline new ways it’s targeting attacks. “We have observed Lazarus target companies in the manufacturing, agricultural and physical security sectors,” their analysts wrote in the post. The group has been around since 2010 and was responsible ...

Akamai discovers Active Directory DNS spoofing exploit

The combination of Domain Name System, Active Directory and the Dynamic Host Configuration Protocol is a potential cybersecurity threat, Akamai Technologies Inc. security researcher Ori David warned in a blog post today. The trouble has to do with the way Microsoft Corp. has assembled DHCP DNS Dynamic Updates. DHCP is a very useful protocol: It ...

UK reveals years-long Russian cyber-espionage activities

This probably comes as no surprise to anyone, but Britain’s Foreign Office revealed on Thursday that it has found long-term evidence of cyber-espionage targeting a variety of politicians, public officials and journalists by the FSB, Russia’s main security agency. The activities were tracked back to 2015 to the present by a group called Star Blizzard ...