Latest Blog Posts


Get Physical with your Physical Space

August 17, 2015 Added by:Jayson Wylie

Current social engineering practice has gone beyond mail phishing scams, and there is a high probability that there is potential for a malicious presence in the mix within the place of work.


Businesses Should Take a Pass on Traditional Password Security

August 04, 2015 Added by:Geoff Sanders

Historical forms of authentication were never meant for the networked landscape we live in today. The first passwords were adequate authentication solutions only because the systems they secured were isolated. Unfortunately, the isolated systems that pervaded the early days of the computer revolution have set the foundation for authentication in the Internet Age.


Hackers and Threats: Cybercrime Syndicates Go Global

August 04, 2015 Added by:Steve Durbin

Organizations are struggling to cope with the quantum speed and sophistication of global cyber-attacks being carried out by organized cyber-criminal syndicates. Moving forward, businesses need to prepare to be targeted at any time, and any place, by multiple assailants. Organizations that wish to keep pace with these developments, and remain financially viable, need to take action now, or face the...


The Technical Limitations of Lloyd’s Cyber Report on the Insurance Implications of Cyberattack on the US Grid

July 31, 2015 Added by:Joe Weiss

The recent Lloyd’s report on cyber implications of the electric grid serves an important need to understand the insurance implications of a cyber attack against the electric grid. Unfortunately, I believe the technical aspects of the hypothesized attack in the Lloyd’s study are too flawed to be used.


Debunking Myths: Application Security Checklists Suck

July 31, 2015 Added by:Rohit Sethi

There is a pervasive sentiment amongst the security community about checklists: they suck. We’ve all seen inflexible audit checklists that seem to be highly irrelevant to the specific system being audited.


How to Tell a Landscaper From a Thief

July 20, 2015 Added by:Or Katz

Casually dismissed attack reconnaissance should be considered as valuable information and should be treated as such.


Universities at risk of Data Breaches: Is it Possible to Protect Them?

July 17, 2015 Added by:Alexander Polyakov

As all university networks are complex, consist of numerous modules, and contain numerous vulnerabilities, protecting them seems a nightmare for any IT team. Cybersecurity is not a set of separate steps taken from time to time, but an ongoing process.


Understanding the Strengths and Limitations of Static Analysis Security Testing (SAST)

July 17, 2015 Added by:Rohit Sethi

While static analysis is a very valuable technology for secure development, it is clearly no substitute for building applications with security in mind from the start.


Cloud Security: It’s in the Cloud - But Where? (Part III)

July 06, 2015 Added by:Steve Durbin

Part III in this series looks at the need to institute a cloud assessment process and the four actions that organizations of all sizes can take to better prepare themselves as they place their sensitive data in the cloud.


Challenges and Solutions of Threat and Vulnerability Sharing in 2015

June 29, 2015 Added by:Shawn Masters

Overcoming the challenges that information sharing presents will require greater collaboration across the financial industry and a focus on combined efforts rather than individual protection.


Enterprises See 30 Percent Rise in Phone Fraud: Report

June 25, 2015 Added by:Eduard Kovacs

Based on data from its “telephony honeypot,” anti-fraud company Pindrop Security has determined that the number of scam calls aimed at enterprises has increased by 30 percent since 2013.


Elusive HanJuan EK Drops New Tinba Version (updated)

June 25, 2015 Added by:Malwarebytes

Dutch security firm Fox-IT has identified the payload as a new version of Tinba, a well-known piece of banking malware.


VERT Vuln School: Return-Oriented Programming (ROP) 101

June 25, 2015 Added by:Tripwire Inc

In the beginning, there were stack buffer overflows everywhere.


Enable the Business? Sometimes Security Must Say “NO”…

June 25, 2015 Added by:Anton Chuvakin

As a security technologist you may be asked to do the impossible.


Researchers Demonstrate Stealing Encryption Keys Via Radio

June 24, 2015 Added by:Brian Prince

Researchers at Tel Aviv University have demonstrated a method of stealing encryption keys from a PC using a radio receiver small enough to hide inside a piece of pita bread.


Thoughts on the Active Defense Debate

June 24, 2015 Added by:Joseph Pizzo

Organizations large and small need to run a better defense and get better at securing their assets; only then should an attack response be considered.
