November 29, 2012
A few months ago, I was invited to present at a summit organized by the New Zealand Privacy Commission, a government organization that is tasked with setting policies to ensure citizens of New Zealand remain secure when it comes to the use of their private information...
November 08, 2012
So websites – even really large ones – have some serious security flaws and it’s disturbing. Yet they don’t seem to care much. Guys like Troy Hunt are doing a great job bringing these issues to light. In this video Girl Cynic and I ponder over some of these issues...
October 23, 2012
Security and privacy are sometimes used synonymously, at other times they are used as separate entities, and at other times they are used as co-dependent on each other. But what is the truth? I ended up having this discussion with Brian Honan whilst at RSA Europe and he explained his point of view...
September 24, 2012
Attackers take advantage of any externally facing web application. If you think about a web application is not mission because it’s not touching data and if there is a SQL Injection vulnerability that exists in there attackers can use that to gain a foothold inside the network...
August 21, 2012
“If the government or private organization tries to censor speech online, tries to shut down security researchers from presenting their research, we help to step in and make sure there is open communication and the internet and technology remains free and robust for everyone to use..."
August 20, 2012
Anthony M. Freed, from Infosec Island, met up with James Arlen at the 2012 BlackHat Conference in Las Vegas to learn more about the differences between the two systems, how people view them, how to differentiate between the two, and what needs to happen in order for people and businesses to stay safe...
August 17, 2012
Jeff Bardin, a Principal at Treadstone 71 LLC, shared a variety of open source tools that businesses and consumers can use for “espionage, competitive intelligence, and intellectual property” purposes. Check out this video to find out more about these tools and what they can do...
August 16, 2012
Anyone can go research IT companies and make decisions based solely on what they read, but this is not how people make decisions. People interested in buying a product or service want to know if it will work, how well it has worked in the past, and if current customers are happy with the product or service...
August 15, 2012
To provide more effective data protection that combines preventive and detective controls, a security admin can obtain the necessary technical information to create reports and dashboards that translate data into terms the business understands to make information security visible, measurable and accountable...
August 14, 2012
ICSA Labs Chief Emerging Threat Researcher Roger Thompson discusses security challenges in the face of ever-evolving cyber threats in the wild. Thompson is a pioneer in combating malware. In 1987, he created Australia’s first anti-virus program after recognizing a trend in malware lifecycles...
August 13, 2012
Melancon notes a key finding that “Hackers are always looking for outliers…and the key is to have a way to evaluate your systems and security posture continuously and be able to react pretty quickly.” What else can businesses learn from hackers? Check out this video to find out...
August 10, 2012
Our information and cyber security perimeters and infrastructures are battered daily by scores of probes, scans, and attacks. We stand in defensive posture ducking, bobbing and weaving as we try to avoid the offensive onslaught. It is a losing proposition. Isn't it time we started striking back?
August 06, 2012
Stuxnet, Flame, Duqu and Mahdi are but payloads of overall programs designed through the work of intelligence. The news, anti-virus firms, managed security companies and consultancies all focus on the malware and the code. They are missing the big picture...
August 02, 2012
Javvad takes us on a whirlwind video tour of Vegas, BlackHat, BSidesLV and DefCon. You will see a lot of familiar faces in characteristically compromising situations. Remember, if you can't keep it in Vegas, try to only share the small details...
August 02, 2012
Everyone knows routers, switches and servers are connected to the internet - but what else is out there? Has anybody even looked? Some of Dan's Shodan findings were pretty surprising, and these discoveries are an excellent metric for identifying how successful our security campaigns as an industry are...