

Fahmida Y. Rashid
Contributor
Fahmida Y. Rashid is a freelance writer who wrote for CSO and focused on information security. Before joining CSO, she wrote about networking and security for various technology publications, including InfoWorld, eWeek, PC Magazine, Dark Reading, and CRN. She also spent years as an IT administrator, software developer, and data analyst. "I, for one, welcome our new computer overlords."

7 cloud security controls you should be using
Human error is one of the top reasons for data breaches in the cloud, as administrators forget to turn on basic security controls. Whether it is Amazon Web Services, Microsoft Azure, or Google Cloud Platform, keep these rules in mind...

10 security buzzwords that need to be put to rest
Having trouble getting your message across? Banning these buzzwords may help.
Legal hack back lets you go after attackers in your network
Security startup Cymmetria has put together a tool and a framework to help security defenders hack back legally as part of incident response activities.

4 common password security myths
Yes, password length and complexity matter, but only if you apply those qualities to the proper security context.

DNSSEC key signing key rollover: Are you ready?
ICANN has postponed the deadline for updating name servers with the new root zone key signing key to early 2018 because too many ISPs and network operators are not ready, and that would cause DNSSEC validations to fail.

BlueBorne is Bluetooth's Stagefright moment
The scariest thing about BlueBorne, the attack vector that uses Bluetooth to spread across devices, isn't what it can do, but rather just how many similar vulnerabilities may be lurking that we don't yet know about.

What is the biggest threat from the Equifax breach? Account takeovers
Cyber criminals have the most to gain by taking ownership of bank, brokerage and retirement accounts using people’s PII. Are traditional authentication systems obsolete?

Don’t like Mondays? Neither do attackers
You can reduce potential damage by paying attention to when attackers are most likely to strike.

Show the proof, or cut it out with the Kaspersky Lab Russia rumors
The United States intelligence agencies have Kaspersky Lab in their crosshairs, but this a case of smoke, but no fire.

Amazon Macie automates cloud data protection with machine learning
Amazon promises AWS S3 customers that they will be able to identify and protect sensitive data faster with Macie, but is it enough to catch up to what Microsoft and Google offers?

Malicious code in the Node.js npm registry shakes open source trust model
Bad actors using typo-squatting place 39 malicious packages in npm that went undetected for two weeks. How should the open source community respond?