

Fahmida Y. Rashid
Contributor
Fahmida Y. Rashid is a freelance writer who wrote for CSO and focused on information security. Before joining CSO, she wrote about networking and security for various technology publications, including InfoWorld, eWeek, PC Magazine, Dark Reading, and CRN. She also spent years as an IT administrator, software developer, and data analyst. "I, for one, welcome our new computer overlords."
Waah! WannaCry shifts the blame game into high gear
Every security crisis presents the opportunity to point fingers, but that's just wasted energy. The criminals are at fault—and we need to work together to stop them

WannaCry ransomware slipped in through slow patching
IT teams have a gap of several weeks between when patches are released and deployed, giving criminals time to make WannaCry a reality
Microsoft rushes emergency fix for critical antivirus bug
Microsoft's security team fixed a type confusion flaw in its malware engine that affects practically all of its security products

How the Macron campaign slowed cyberattackers
Did the French president-elect's security team use cyberdeception techniques to fight off phishing attacks? Submitting fake credentials definitely qualifies

NIST to security admins: You've made passwords too hard
Passwords may not be dead, but the latest NIST guidelines promises a less frustrating and more secure authentication future

Free search engine tool hunts down malware-infected computers
Shodan is now offering the Malware Hunter scanning tool, which uncovers systems manipulated to control malware-infected devices

Annual Verizon security report says sloppiness causes most data breaches
Phishing, malware, ransomware, hacking, cyberespionage: The latest Verizon Data Breach Investigations Report shows the best prevention is basic security hygiene

Google zero-trust security framework goes beyond passwords
Google outlines how BeyondCorp determines whether a device should be allowed to access an application in a perimeter-less network environment

Buggy open source components still dog dev teams
You can write the best code in the world, but if you use vulnerable libraries and frameworks, you're introducing serious security problems to your application
Don't get bit by zombie cloud data
Data you thought you had deleted from the cloud can come back to haunt you. Get to know your provider’s data deletion policy

Cybercriminals prefer to chat over Skype
Cybercriminals don’t operate in the Dark Web only; they also rely on popular communications software such as Skype, WhatsApp, Jabber, and Signal