TPM-Fail: What It Means. What to Do About It.

On November 12, 2019 researchers led by a team at Worcester Polytechnic Institute, disclosed details of two new potentially serious security vulnerabilities — dubbed TPM-Fail — that could allow attackers to steal cryptographic keys protected inside two types of Trusted Platform Modules (TPMs). Because millions of deployed systems probably have the TPM-Fail vulnerability, the scope of exposure is […]

The 3 CyberSecurity Rules of Trust

A security CTO’s guidelines to making better decisions about cybersecurity. Rule 1: “All things being equal, trust as little as possible.” Rule 2: “Use evidence and experience to measure trustworthiness.” Rule 3: “Distrust proportionally to the level of risk.”