Clik here to view.
Encrypted? Check. Strong passphrase? Check. Mailing them together? Oops.
Encryption only helps secure your data when the keys are a secret, a lesson learned the hard way by Ernst and Young and Regions Financial.
View ArticleClik here to view.
Security for a Greater Good
I'm very excited to be helping Ushahidi build a security group to enhance the security of their software. Ushahidi describes itself as the following: We are a non-profit tech company that develops...
View ArticleClik here to view.
InfoSec Daily Podcast Episode 585
Episode 585 - Eyes Open, Bouncer, PHP, NATO Deficiencies, Fakebook Accounts & What’s New?
View ArticleClik here to view.
Clik here to view.
Kevin Mitnick & Dave Kennedy – Adaptive Penetration Testing Derbycon 2011
Penetration Testing is something that has many different meaning depending on the context used by the person. The Penetration Testing Execution Standard (PTES) is aimed to change that. In this talk...
View ArticleClik here to view.
AVAST reaches 150 million active users
If you are planning to visit Europe these days or actually live here… get ready for some very cold weather and temperatures much lower than normal. -37 degrees Celsius is not a temperature to be...
View ArticleClik here to view.
Towards the Big Information Society or "Power to the people"
Current government policy is that which the coalition partners can agree with the tribes of Whitehall, as well as each other. Oliver Letwin has asked the Conservative Policy Forum (CPF) to start...
View ArticleClik here to view.
RT @IEEE_SP2012: Spread the word about @IEEE_SP2012 – post this flyer (pdf) a…
RT @IEEE_SP2012: Spread the word about @IEEE_SP2012 - post this flyer (pdf) and hand out at other security events: http://t.co/ofwfvizy
View ArticleClik here to view.
RT @teamcymru: Great progress in cooperation: European ‘cyber security’ Agenc…
RT @teamcymru: Great progress in cooperation: European ‘cyber security’ Agency ENISA meeting with EuroPol in Crete http://t.co/YHXiXOzN
View ArticleClik here to view.
ATM skimmer installed in under 10 seconds
This is an old video, but its still relevant today. With over $1 billion dollars skimmed every year in the US alone, this issue is only going to grow with time. We're starting to see skimmers installed...
View ArticleClik here to view.
Federal Information Systems Security Educators’ Association Conference Slated
Slated for March 27-29, 2012, the National Institute of Standards and Technologies [NIST] has entitled the new FISSEA conference “A New Era in Cybersecurity Awareness, Training, and Education”. Venue...
View ArticleClik here to view.
Clik here to view.
Medeco Nexgen XT
Mechanical locks tell no tales. While a well thought out key control system is essential to your physical security plan, those mechanical deadbolts and door locks will never tell you who ...Read Full...
View ArticleClik here to view.
SSL for less than 7 Euros?! Yup…
As part of the activities that I've been developing for AP2SI I've just found this. And I could not resist sharing. Yes, it's true that the cost of digital certificates is not, typically, very small....
View ArticleClik here to view.
Publish and/or perish
A new study notes that “scholarly” academic journals are forcing the people who want to publish in them (the journals) to add useless citations to the published articles. OK, this may sound like more...
View ArticleClik here to view.
Blending in with the furniture – responsibility vs capability in the CISO role
I just finished editing a podcast (Episode 10 for release Monday February 6th) where I got to sit down with Gene Kim, the guy who wrote the Visible Ops book - a staple of every good IT manger's...
View ArticleClik here to view.
Clarifying The Trustwave CA Policy Update
We've seen a number of comments and questions on Twitter regarding a recent Trustwave CA Policy Update to our legal repository (https://ssl.trustwave.com/CA). This update discusses a subordinate root...
View ArticleClik here to view.
Sonicwall netExtender on ubuntu x64 missing libssl or libcrypto
Wow, over a year since my last post. Work has been crazy and personal life is even worse. If any of you are wondering where i have been hiding head over to upSploit. Well I have just rebuilt my laptop...
View ArticleClik here to view.
DNS Changer infrastructure shutdown is a *good* thing
The FBI may shutdown the DNS servers victims of the DNS Changer malware have been using on March 8th. Is this a dangerous action, or is five months to clean up your PC enough?
View ArticleClik here to view.
Finding Evil: Automating Autoruns Analysis
You can buy appliances to put in your network in an effort to find evil on systems in your enterpise. I know a wicked smart individual who develops one such system and I strongly recommend you check...
View Article