Latest Videos
BlackHat 2012: Alexander Polyakov on New SAP Vulnerabilities
August 01, 2012
Alexander Polyakov describes a recently discovered and widespread architectural vulnerability which especially targets SAP applications and allows for the bypassing of SAP security restrictions, such as firewalls, even in secure landscapes...
Comments (0)
Josh Corman and Jericho Discuss Building a Better Anonymous
August 01, 2012
Josh Corman and Attrition.org's Jericho took some time out at BSidesLV to discuss their article series titled "Building a Better Anonymous" which examined the rogue movement's pros and cons, successes and failure, the group's caricature in the media, and the movement's future...
Comments (0)
BSidesLV 2012: Termineter Framework and Smart Meter Testing
July 31, 2012
The "Power Grid" is a growing topic in the security industry and Advanced Metering Infrastructure (AMI) is a topic that hasn't been discussed to its full potential. Spencer's presentation discussed the types of vulnerabilities found in Smart Meters, and gave examples from real world assessments he conducted...
Comments (0)
BlackHat 2012: Howard Schmidt on Public-Private Partnership
July 31, 2012
Former White House Cybersecurity Coordinator Howard Schmidt offers his opinions on the issues surrounding the strengthening of the relationship between government and the private sector, as well as the urgent need for the passage of effective cybersecurity legislation...
Comments (0)
BlackHat 2012: Dave Porcello Discusses the Power Pwn
July 30, 2012
Dave Porcello, Founder and CEO of Pwnie Express discusses the recently released Power Pwn, a fully-integrated enterprise-class penetration testing platform, covering the entire spectrum of a full-scale pentesting engagement, from the physical-layer to the application-layer...
Comments (0)
Security Slide Rules - The Video...
July 24, 2012
I read this blog post on Slide Rules by Wendy Nather and immediately dropped her a note asking for permission to convert it into a video. After a huge battle with 20th Century Fox over rights to film I won... well at least that’s how I imagine it to have happened...
Comments (0)
What is Cross-Site Scripting?
July 19, 2012
In a XSS attack, JavaScript might steal session credentials, capture keystrokes or iterate across every form on a page and replace every action so that instead of submitting your username and password to the real application, the JavaScript causes your username and password to be sent to the attacker...
Comments (0)
The Growing Responsibilities of a CISO
July 13, 2012
Phil Cracknell, Global Head of Security and Compliance at Yell Group, talks to us about the challenges of a CISO. Video taken at Information Security Europe 2012...
Comments (0)
Infosec: English - Do You Speak it?
June 29, 2012
Seeing as so many people (well OK, two people) were asking me about my BSides London talk, I thought that rather than just send the link to the video, I’ll embed it here so I can say a few words about it too... Uhm, this is my talk...
Comments (0)
Infosec and Business Speak
June 22, 2012
Information Security folk aren’t much different than people in other careers. When we get together and talk amongst ourselves, it can sound like a foreign language. But do we remember to revert back to normal language when we speak to non-security people?
Comments (0)
Video: On the Recent Password Breaches
June 16, 2012
LinkedIn, LastFM and eHarmony all suffered major password database breaches recently. But really, with so many breaches happening, did anyone even notice?
Comments (0)
PCI DSS and Compliance: Just a Tick Box Exercise?
June 13, 2012
According to Neira Jones, Head of Payment Security at Barclaycard, compliance should be a natural byproduct of good risk management and information security practice...
Comments (0)
Security Awareness Training for Employees
June 07, 2012
Security awareness training can be a bit dull and boring, so we commonly try to come up with ways on how to make it a more engaging topic for our audience. But do we end up patronizing them with gimmicks and child-like messages?
Comments (0)
Flame Trojan: Fact or FUD?
June 05, 2012
What is FUD? Is it good or bad and how can you differentiate between what's true and what’s FUD? Like those old adverts that used to ask, “Is it real or is it Memorex”? Ask yourself whenever you hear something major has broken out that will infect every device on the planet, is it real, or is it FUD?
Comments (0)
How to Deal with a Security Incident
June 01, 2012
"Incidents are bound to happen, there's no avoiding it!" Brian Honan, internationally recognized information security expert, offers tips on how to respond to security incidents...
Comments (1)
The Best Security Advice
May 27, 2012
What's the best security advice you've been given? Attendees at Infosecurity Europe tell us their best information security tips. Don't forget to like the video if it has been of any use to you. As always, Javvad is easy to stalk...
Comments (0)
- BlackWater Campaign Linked to MuddyWater Cyberspies
- Privilege Escalation Flaws Impact Wacom Update Helper
- Answering Tough Questions About Network Metadata and Zeek
- Qakbot Trojan Updates Persistence, Evasion Mechanism
- Flaws in D-Link Cloud Camera Expose Video Streams
- SOAR: Doing More with Less
- Gaining Control of Security and Privacy to Protect IoT Data
- Growing Reliance on Digital Connectivity Amplifies Existing Risks, Creates New Ones
- How Microsegmentation Helps to Keep Your Network Security Watertight
- Through the Executive Lens: Prioritizing Application Security Vulnerabilities