InfoSec News Nuggets 10/26/2023

AWS announces ‘sovereign cloud’ to support data residency in Europe  Amazon is joining the list of big tech companies to introduce a dedicated independent cloud for Europe, with news that it’s working on the “AWS European Sovereign Cloud” for governments and highly-regulated industries across Europe. AWS’s cloud rival Google partnered with Deutsche Telekom’s IT services and consulting subsidiary T-Systems more than two years ago to offer a sovereign cloud for German organizations, while Microsoft launched its “cloud for sovereignty” last year.…
Read More

InfoSec News Nuggets 08/17/2023

America's original hacking supergroup creates a free framework to improve app security Cult of the Dead Cow (cDc), a hacking group known for its activist endeavors, has built an open source tool for developers to build secure apps. Veilid, launched at DEF CON on Friday, includes options like letting users opt out of data collection and online tracking as a part of the group’s mission to fight against the commercialization of the internet. “We feel…
Read More

InfoSec News Nuggets 02/17/2023

Citrix fixes major security flaws across several services  Citrix released a patch for a number of high-severity vulnerabilities affecting multiple offerings, the company confirmed in a security bulletin earlier this week. Given the severity of the flaws, the prevalence of the tools in question, and the fact that there are no workarounds and other mitigations, the company said it was pivotal for the affected organizations to apply the fix immediately. The Us Cybersecurity & Infrastructure Security Agency…
Read More

InfoSec News Nuggets 12/29/2022

Code-generating AI can introduce security vulnerabilities, study finds A recent study finds that software engineers who use code-generating AI systems are more likely to cause security vulnerabilities in the apps they develop. The paper, co-authored by a team of researchers affiliated with Stanford, highlights the potential pitfalls of code-generating systems as vendors like GitHub start marketing them in earnest. “Code-generating systems are currently not a replacement for human developers,” Neil Perry, a Ph.D. candidate at…
Read More

InfoSec News Nuggets 1/20/2020

1 - Georgia election server showed signs of tampering, expert says A computer security expert says he found that a forensic image of the election server central to a legal battle over the integrity of Georgia elections showed signs that the original server was hacked. The server was left exposed to the open internet for at least six months, a problem the same expert discovered in August 2016. It was subsequently wiped clean in mid-2017 with no notice, just…
Read More