Security Training
OpenSSL Problem is HUGE – PAY ATTENTION
April 10, 2014 Added by:Brent Huston
The attack allows an attacker to remotely tamper with OpenSSL implementations to dump PLAIN TEXT secrets, passwords, encryption keys, certificates, etc. They can then use this information against you.
Comments (0)
Hackers Impersonating Feds buy $1.5 Million worth of PC Supplies
April 07, 2014 Added by:Dan Dieterle
“Spear phishing fraud” has been used by hackers impersonating federal entities to create fraudulent orders for large amounts of PC supplies including toners, ink cartridges and even laptops.
Comments (0)
Yahoo Protects Users with Lots More Encryption
April 03, 2014 Added by:Electronic Frontier Foundation
We were thrilled to hear today that Yahoo is carrying through a concerted effort to protect users across its sites and services by rolling out routine encryption in several parts of its infrastructure
Comments (0)
On Complexity & Bureaucracy vs Security…
April 02, 2014 Added by:Brent Huston
“Things have always been done this way.” —> Doesn’t mean they will be done that way in the future, or even that this is a good way.
Comments (0)
Full Disclosure: The Rebirth
March 31, 2014 Added by:Tripwire Inc
Today, Full Disclosure is alive again, the advisories are flowing, the banter is cheerful, and the trolling has already started.
Comments (0)
Reforming Terms of Service: Microsoft Changes Its Policy on Access to User Data
March 31, 2014 Added by:Electronic Frontier Foundation
We commend Microsoft for its willingness to reconsider its policies, and we think it made the right decision.
Comments (0)
Be Wary: Hackers are Readying Security Updates for XP Users
March 27, 2014 Added by:Tripwire Inc
Approximately 40% of PC users still run desktop versions of Windows XP as well. Windows XP has been regarded by many as the best version of Windows ever.
Comments (0)
When Security Tools Cry Wolf
March 27, 2014 Added by:Ken Westin
With the rising number and complexity of security tools at our fingertips, sometimes everything looks like an alert so nothing becomes actionable.
Comments (0)
The Power of Change
March 26, 2014 Added by:Wendy Nather
I believe that most of security relies on detecting and controlling change. And there are so many aspects to change that have to be considered.
Comments (0)
How to Use Threat Intelligence with Your SIEM?
March 26, 2014 Added by:Anton Chuvakin
SIEM and Threat Intelligence (TI) feeds are a marriage made in heaven! Indeed, every SIEM user should send technical TI feeds into their SIEM tool.
Comments (0)
Will the Demise of XP Shut Down Your Business…or Heart?
March 25, 2014 Added by:Rebecca Herold
According to NetMarketShare at the end of February, 2014, 30% of all folks using Windows desktop computers were still running Windows XP.
Comments (0)
Why is Guy Fawkes an Anarchist Hero?
March 23, 2014 Added by:Wayde York
Why do Anonymous hackers and other anarchists use the mask of Guy Fawkes as their symbol? George Orwell may be a better anarchist freedom for all mask than Guy Fawkes.
Comments (2)
On Internally-sourced Threat Intelligence
March 20, 2014 Added by:Anton Chuvakin
At the very top of the very top of the pyramid...sit organizations that produce their own threat intelligence (TI), sourced from local artifacts and their own intelligence gathering activities.
Comments (0)
System Hardening: Defend Like An Attacker
March 18, 2014 Added by:Tripwire Inc
Defenders also need to think like attackers. Easier said than done.
Comments (0)
Delving into Threat Actor Profiles
March 17, 2014 Added by:Anton Chuvakin
Threat actor profiles can be used by a fledgling threat intelligence operation to organize their knowledge about who is “out to get them” and who they observe on their network. Such knowledge organization helps prioritize incident response and alert triage activities.
Comments (0)
Unbalanced Security is Increasing Your Attack Surface
March 13, 2014 Added by:Pete Herzog
Unbalanced security is when your security increases your attack surface. And it’s normal.
Comments (0)
- The Unisys Ponemon study – Is It Actually Relevant to ICSs
- Black Hat Conference Talk on How to Break Tor Cancelled
- Keeping it Simple - Part 1
- The Five Stages of Vulnerability Management
- Cached Domain Credentials in Vista/7 (AKA Why Full Drive Encryption is Important)
- Snowden Continues to Expose Allied Cyber Tactics
- Compliance and Security Seals from a Different Perspective
- Security: Not Just a Checkbox Anymore
- Hacks of Houston Astros, Butler University Put Network Security on Center Stage
- Is BYOD Security Really Concerned with Safety – or Is It About Control?