Security news that informs and inspires
headshot of Fahmida Y. Rashid with teal overlay

Fahmida Y. Rashid

Contributor

Fahmida brings over a decade of IT security news reporting along with ten years of network administration and software development to Decipher. Every security story has a human face, and her goal is to bring those stories to light. As the senior managing editor of Decipher, she will focus on ways security can impact how people live, work, and play. She enjoys working on stories that speak to those outside the security industry, highlighting the intersection of security and other technology areas. Over the years, she has seen enough to make her overzealous about her personal threat-model, but she doesn’t hold it against anyone for having a more relaxed worldview.

  • fahmida@decipher.sc
  • @FYRashid
  • 3DF6 3FDA FACC 7BC6
352 articles by Fahmida Y. Rashid

Most Applications Contain Vulnerable Open Source Libraries

Modern software development relies on open source libraries, even for those applications that are sold commercially and aren’t open source. A pair of reports from Veracode and Synopsys illustrate how these components are introducing vulnerabilities into these applications.

Open Source, Application Security, Javascript

Attacks Based on Credential Theft On The Rise, DBIR Says

In the 13th Data Breach Investigations Report, Verizon researchers found that attackers are relying less on malware and more on stolen or lost credentials to carry out their attacks.

Data Breaches

Microsoft’s RDP Patch Isn’t a Complete Fix

Microsoft's February security update fixes the vulnerability that can result in reverse RDP attacks in the built-in Windows RDP client, but third-party RDP clients are still vulnerable, Check Point said.

Microsoft, RDP, Patching

Lawmakers Ask for Cybersecurity Funding for States

A bipartisan group of Congressional lawmakers are trying to drum up support to include money for states and local governments to modernize their IT infrastructure in the next stimulus package.

Government

GitHub Expands Scanning to Find Security Flaws in Code

The goal for secure software isn’t to never have vulnerabilities, but to be able to find vulnerabilities as soon as possible so that they can be fixed. GitHub has expanded its code scanning capabilities to make it easier for developers to identify flaws in projects that are managed on its platform.

Open Source, Github, Vulnerability, Appdev