Latest Blog Posts
September 19, 2013 Added by: Vince Schiavone
As the threats emerging from social media expand in type, frequency and complexity, the proverbial heads of many corporations are spinning as nearly every office across the C-suite experiences serious repercussions from these growing risks.
September 19, 2013 Added by: Patrick Oliver Graf
The weakest links tend to be the same mobile endpoints spurring the BYOD movement – laptops, tablets, smartphones, etc. There are several reasons why these mobile endpoints are particularly vulnerable
September 17, 2013 Added by: InfosecIsland News
HP today announced new products and services that enable enterprises to disrupt the adversary marketplace, manage risk and extend their security capabilities to better protect themselves against a growing threat landscape.
September 15, 2013 Added by: Matthijs R. Koot
On September 13th 2013, the Dutch government responded (.pdf, in Dutch) to the revelations by Edward Snowden. Unfortunately, that response is currently only available in Dutch. I decided to translate it to English.
September 12, 2013 Added by: Rafal Los
Over the course of two days I had the opportunity to do in-depth discovery with the leadership of the organization's Information Technology group. What struck me is hearing things like “We've never had to think about that before, that's always been provided by the mothership!” from Bill the CIO. This included things like risk management and legal functions...
September 12, 2013 Added by: Mike Lennon
Vodafone Germany said an attacker with insider knowledge had stolen the personal data of two million of its customers from a server located in Germany.
September 12, 2013 Added by: Eric Byres
I am not a SCADA Apologist. If anything, I consider people like myself and Joel Langill to be SCADA Realists. Clearly Joel and I believe security is important. If we didn’t, we wouldn’t be in this business. And our clients don’t pay us to hear: “Do nothing; it’s the other guy’s fault.”
September 11, 2013 Added by: InfosecIsland News
Kaspersky Lab has uncovered details of an ongoing cyber-espionage campaign targeting South Korean think tanks.
September 11, 2013 Added by: Rohit Sethi
Let’s say you’ve just had a pen test or security scan performed on your application. You review the list of findings and get to work on remediation. Apart from obvious shortcomings of any individual single assessment technique, you may also be doing a disservice to meeting your business goals.
September 10, 2013 Added by: Steven Fox, CISSP, QSA
The GrrCon OSINT workshop runs from the morning of September 12, culminating with submission of intelligence reports on the evening of September 13.
September 10, 2013 Added by: Patrick Oliver Graf
With each version and new feature that Google adds to Android, the security of mobile devices with older Android releases falls farther down the priority ladder, and unfortunately for IT executives, this means their enterprises become more susceptible to potential attacks.
September 10, 2013 Added by: Ian Tibble
Many Analysts and Consultants will face the decision to go in-house at some point in their careers, or remain in a service provider capacity. Others may be in-house and considering the switch to a consultancy. This post hopefully can help the decision making process.
September 06, 2013 Added by: Steven Fox, CISSP, QSA
Blending the principles of Open Source Intelligence (OSINT) with a Capture the Flag (CTF) contest, my September 12 GrrCon workshop will challenge attendees’ abilities to translate data into actionable recommendations.