Information Security
On Website Security
November 08, 2012
So websites – even really large ones have some serious security flaws and it’s disturbing. Yet they don’t seem to care much. Guys like Troy Hunt are doing a great job bringing these issues to light. In this video Girl Cynic and I ponder over some of these issues...
Comments (0)
On Security vs. Privacy
October 23, 2012
Security and privacy are sometimes used synonymously, at other times they are used as separate entities, and at other times they are used as co-dependent on each other. But what is the truth? I ended up having this discussion with Brian Honan whilst at RSA Europe and he explained his point of view...
Comments (0)
How to Become an Infosec Rock Star
September 20, 2012
I teamed up with the infamous Space Rogue to finally reveal the secrets "they" didn't want you to know - that's right, we break down how you can become an Infosec Rockstar...
Comments (1)
Open Source Security Tools You Could Be Using
August 17, 2012
Jeff Bardin, a Principal at Treadstone 71 LLC, shared a variety of open source tools that businesses and consumers can use can for “espionage, competitive intelligence, and intellectual property” purposes. Check out this video to find out more about these tools and what they can do...
Comments (0)
Fighting Threats in the Age of Cyberwar
August 14, 2012
ICSA Labs Chief Emerging Threat Researcher Roger Thompson discusses security challenges in the face of ever-evolving cyber threats in the wild. Thompson is a pioneer in combating malware. In 1987, he created Australia’s first anti-virus program after recognizing a trend in malware lifecycles...
Comments (0)
BlackHat 2012: Dwayne Melancon Key Takeaways
August 13, 2012
Melancon notes a key finding that “Hackers are always looking for outliers…and the key is to have a way to evaluate your systems and security posture continuously and be able to react pretty quickly.” What else can businesses learn from hackers? Check out this video to find out...
Comments (0)
When to Strike Back: Mitigative and Retributive Counterstriking
August 10, 2012
Our information and cyber security perimeters and infrastructures are battered daily by scores of probes, scans, and attacks. We stand in defensive posture ducking, bobbing and weaving as we try to avoid the offensive onslaught. It is a losing proposition. Isn't it time we started striking back?
Comments (0)
What it Takes to Create Intelligence for a Stuxnet, Flame or Duqu
August 06, 2012
Stuxnet, Flame, Duqu and Mahdi are but payloads of overall programs designed through the work of intelligence. The news, anti-virus firms, managed security companies and consultancies all focus on the malware and the code. They are missing the big picture...
Comments (0)
Vegas, BlackHat, BSidesLV and DefCon: The Video
August 02, 2012
Javvad takes us on a whirlwind video tour of Vegas, BlackHat, BSidesLV and DefCon. You will see a lot of familiar faces in characteristically compromising situations. Remember, if you can't keep it in Vegas, try to only share the small details...
Comments (0)
BlackHat 2012: Alexander Polyakov on New SAP Vulnerabilities
August 01, 2012
Alexander Polyakov describes a recently discovered and widespread architectural vulnerability which especially targets SAP applications and allows for the bypassing of SAP security restrictions, such as firewalls, even in secure landscapes...
Comments (0)
Josh Corman and Jericho Discuss Building a Better Anonymous
August 01, 2012
Josh Corman and Attrition.org's Jericho took some time out at BSidesLV to discuss their article series titled "Building a Better Anonymous" which examined the rogue movement's pros and cons, successes and failure, the group's caricature in the media, and the movement's future...
Comments (0)
BlackHat 2012: Dave Porcello Discusses the Power Pwn
July 30, 2012
Dave Porcello, Founder and CEO of Pwnie Express discusses the recently released Power Pwn, a fully-integrated enterprise-class penetration testing platform, covering the entire spectrum of a full-scale pentesting engagement, from the physical-layer to the application-layer...
Comments (0)
Security Slide Rules - The Video...
July 24, 2012
I read this blog post on Slide Rules by Wendy Nather and immediately dropped her a note asking for permission to convert it into a video. After a huge battle with 20th Century Fox over rights to film I won... well at least that’s how I imagine it to have happened...
Comments (0)
What is Cross-Site Scripting?
July 19, 2012
In a XSS attack, JavaScript might steal session credentials, capture keystrokes or iterate across every form on a page and replace every action so that instead of submitting your username and password to the real application, the JavaScript causes your username and password to be sent to the attacker...
Comments (0)
The Growing Responsibilities of a CISO
July 13, 2012
Phil Cracknell, Global Head of Security and Compliance at Yell Group, talks to us about the challenges of a CISO. Video taken at Information Security Europe 2012...
Comments (0)
Infosec and Business Speak
June 22, 2012
Information Security folk aren’t much different than people in other careers. When we get together and talk amongst ourselves, it can sound like a foreign language. But do we remember to revert back to normal language when we speak to non-security people?
Comments (0)
- Google Skips Chrome 82, Resumes Stable Releases
- Benchmarking the State of the CISO in 2020
- Cyberattacks a Top Concern for Gov Workers
- Hackers Target Online Gambling Sites
- When Data Is Currency, Who’s Responsible for Its Security?
- SEC Shares Cybersecurity and Resiliency Observations
- What Does Being Data-Centric Actually Look Like?
- The Big 3: Top Domain-Based Attack Tactics Threatening Organizations
- Security Compass Receives Funding for Product Development and Expansion
- Password Shaming Isn’t Productive – Passwords Are Scary Business