Humans Are Bad at Risk Assessment, and Other Stories
Risk management is not one of humanity's strong points, but we can learn some lessons from our own real life experiences to apply
SEARCH
Dennis Fisher
Editor in ChiefDennis Fisher is an award-winning journalist who has been covering information security and privacy since 2000.
He is one of the co-founders of Threatpost and previously wrote for TechTarget and eWeek, when magazines were still a thing that existed. Dennis enjoys finding the stories behind the headlines and digging into the motivations and thinking of both defenders and attackers. His work has appeared in The Boston Globe, The Improper Bostonian, Harvard Business School’s Working Knowledge, and most of his kids’ English papers.
- dennis@decipher.sc
- @dennisf
Featured Articles
Software Has Eaten the World But There’s Still Hope
As software systems have become ever more complex, the opportunity for security researchers to show their value has grown, as
Digging Into FIN7’s Latest Tools and Tactics
FIN7 is a highly active and capable cybercrime group also known as Carbanak that has been evolving and using its own tools such as
Decipher Podcast: Joe Slowik
Joe Slowik, senior security researcher at Domaintools, joins Dennis Fisher to discuss the Exchange vulnerabilities, the exploitation activity timeline, and the question of attribution.
Four Critical Flaws Hit F5 BIG-IP Boxes
F5 has patched four critical flaws in its BIG-IP appliances, all of which can lead to remote code execution.
ThreatFox Aims to Simplify IOC Sharing
The new ThreatFox platform from Abuse.ch is designed to allow researchers to share IOCs freely and easily without the need to register or subscribe to a feed.
GitHub Fixes Bug That Could Have Routed Authenticated Sessions to Other Users
GitHub has patched a flaw in a backend system that in rare cases could have routed one user's authenticated session to another user's browser.
Microsoft Fixes IE 0-Day Used in Attacks on Researchers
Microsoft has patched a zero day in Internet Explorer and Edge that was used in attacks against security researchers.