RSA Conference Guide 2012: Endpoint Security
Ah, the endpoint. Do you remember the good old days when endpoint devices were laptops? That made things pretty simple, but alas times have changed and the endpoint devices you are tasked to protect...
SBN Sponsor Post
Share your best advice with us – tell us the best advice you’ve ever received, heard or given. http://bit.ly/xbdT9q
Hunting & Exploiting Directory Traversal
In cktricky's last post he provided a great outline on the ins and outs of leveraging burp's built in support for directory traversal testing. There are two questions, however, that should immediately...
Simplifying the Forensics of IT Security
Managing IT security can be a thankless job in more ways than one, especially given the size of the task at hand. To really figure out what is happening and when it's happening, IT security managers...
Depressing Court Ruling on Insider Threats
A federal court reversed a conviction against a Goldman-Sachs developer who allegedly stole source code. However, the court is not saying why. The reversal was without explanation; it said an opinion...
{Quick Post} Fun with Python ctypes – simpleicmp
As part of another project I’m working on in the background I’ve been playing some with Python’s ctypes. As a casual (and sadly bad) programmer Python ctypes are new to me, so I wanted to knock out a...
A Response to Seth Godin’s "The Illusion of Privacy"
Seth Godin is a smart guy, and people listen to what he says, but he's recently ventured into an area he knows little about, privacy, and made some mistakes I feel should be corrected. Seth lays out...
An Exploit Kit Was Sent To You
Unless you've got the world's best spam filter, you've probably seen one of the latest spam techniques used by malware-dropping bad guys: what appears to be an automated email informing you that a...
The Hybrid Cloud is the Future of IT Infrastructure
Last summer a CIO for a high profile ecommerce company told me that the smartest way to play the cloud was to rent the spike. I just read the same thing from Zynga’s Infrastructure CTO Allan Leinwand...
How we broke the NuCaptcha video scheme and what we propose to fix it
NuCaptcha is the first widely deployed video captcha scheme. Since Technology Review interviewed me about NuCaptcha in October 2010, I have been working on evaluating its security and usability. In...
Back to the “Corner Shop”?
This is just a small reflexion about the last Notepad++ story. Notepad++ is a powerful and free alternative to the original Notepad application delivered with all Windows operating systems. The...
Tevora To Host Southern California Information Security Symposium at The...
Tevora will be hosting the Southern California Information Security Symposium at the exclusive Magic Castle in Hollywood, CA on March 10th, 2012. While enjoying dinner and a show at the private...
Zeus Trojan Author Ran With Spam Kingpins
The cybercrime underground is expanding each day, yet the longer I research this topic the more convinced I am that much of it is run by a fairly small and loose-knit group of hackers. That suspicion...
A Night of Magic – IS Symposium
Tevora will be hosting the Southern California Information Security Symposium at the exclusive Magic Castle in Hollywood, CA on March 10th, 2012. While enjoying dinner and a show at the private...
McAfee faces block due to poor performance in Firefox (Update)
McAfee’s SiteAdvisor security add-on for Firefox could be blocked if the memory leak issues are not addressed. The current recommendation in Mozilla’s bug tracking system is to blacklist the...
Seemingly Magical: DARPA Battle Illusions
Phenomenal write-up at Wired’s DangerRoom, by Noah Shachtman, detailing the latest, potentially mind-bending battlefield plans [and budgetary submittal] of the Defense Advanced Research Projects Agency...
Beacon Podcast – Episode 017
Hurricane Labs Beacon Podcast Episode Number: .017 – BEATS Edition Hosts: Bill Mathews (@billford), Matt Yonchak (@mattyonchak), Patrick Sayler (@psayler) OS X 10.8 Mountain Lion - Notification Center...
A peek into the underground economy and the market for stolen credit cards
There’s a great article from Bloomberg (Stolen credit cards for $3.50 online) in which author Michael Riley explores the depths of the underground market for stolen credit card data. Reading this is...
The Patchwork Cloud – Cloud Service Providers, security and incentives
Sometimes, a fellow colleague in the industry hits a point so well it's worth repeating and expanding on it. I'm referring to Dave Shackleford's post titled "The Cloud's Low-Rent District". Dave nails...
The Open Organisation Of Lockpickers (TOOOL) Presentation at ShmooCon 2012
The mission of the Open Organisation Of Lockpickers is to advance the general public knowledge about locks and lockpicking. By examining locks, safes, and other such hardware and by publicly discussing...