Five worthy reads is a regular column on five noteworthy items we discovered while researching trending and timeless topics. In this week’s edition, let’s explore the role of HIPAA compliance in the cybersecurity era.

You don’t reuse passwords, so why are you reusing your usernames? Using a unique username does more than just protect your privacy, it also has important security benefits.

Over the last two weeks, many have had flashbacks to 2012 when Heartbleed was released and everyone scrambled to fix broadly used OpenSSL. Due to their nature, some applications and services are so prolific that when a vulnerability is identified it causes massive issues for vendors and customers alike. The latest of this kind of issue is the Log4j vulnerability that has been dominating the press.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Those of you of a certain age who frequented department stores during the 80’s and the emergence of home computing might remember the often used jape of writing a two line BASIC programme to fill the screen with text – often something silly. Such innocent times, and now though, we have this....

Executive Order 14028 on Improving the Nation’s Cybersecurity was released in May with nine sections outlining specific focus areas for security improvements. As we noted at the time, Netskope applauded the EO for how it placed significant emphasis on zero trust security adoption, mentioning it no fewer than 11 times, and insisting on proactive action.

2021 was the year businesses continued to adapt to new working patterns, digital transformation and battle the increasing threats from ransomware attacks. Here our panel of security experts share their predictions for the key security challenges and trends to look out for in 2022 ensuring you can beat the hackers at their own game.

This is the second in a two-part series discussing a still-unpatched userland Windows privilege escalation. The exploit enables attackers to perform highly privileged actions that typically require a kernel driver. Part 1 of this blog series showed how to block these attacks via ACL hardening. If you haven’t already, please read the first part of this series, because it lays an important foundation for this article. Interested readers can also check out the excellent Unknown Known DLLs...

In our 2021 Security Predictions, the WatchGuard’s Threat Lab team anticipated that authentication would be the cornerstone of strong security. “With billions of usernames and passwords ripe for the picking on the dark web and the prevalence of automated authentication attacks, we believe that any service without MFA enabled will be compromised in 2021,” said WatchGuard CSO Corey Nachreiner.

Following up on our Simulating Filesystem Tree with Billions of Files series, let's imagine that we want to create a filesystem with 1 billion inodes in memory. At this scale, every single byte used to represent the inode will use 1GB of memory. Just with the inode numbers, each with 8 bytes, will use at least 8GB of memory. If we consider, conservatively, that each inode will use approximately 50 bytes of space, it will not be feasible to store this information in memory.