August 31, 2011 Added by:Security BSides
The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. It creates opportunities for individuals to participate in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction from participants...
August 30, 2011 Added by:Rafal Los
The Cloudpocalypse - where you've bought into a cloud service, neglected to understand what you're buying into (service level, liability, etc.) and then are left crying onto your keyboard as your cloud provider tells you, "Sorry, we've lost all your data... but you have a backup somewhere, right?"
August 30, 2011 Added by:Bozidar Spirovski
Centralizing your storage is always a very good idea - you can manage storage requirements of most servers through a central storage system, without the hassle of juggling local disks within servers. But centralizing storage opens a whole new world of hassles...
August 30, 2011 Added by:Rob Fuller
One important thing to note about Railgun is that you are querying the API, and just as if you were using C++, the API you are calling just might not be there on the system. So here is a quick trick to find out if the function (API) that you are trying to call is available to you...
August 30, 2011 Added by:Brent Huston
I was fascinated by this article that came across my newsfeed that said McAfee hit 65 million malware samples in the 2nd quarter of 2011. It seems that the malware cat truly is out of the bag. It also seems like someone forgot to warn the crimeware world about opening Pandora’s box...
August 30, 2011 Added by:Infosec Island Admin
The ISLAND TRADEWINDS program is designed to offer infosec training and certification opportunities at significantly discounted rates. You can receive discounts of up to $500 or 20% on courses from Global Knowledge, Career Academy, SANS, and the Infosec Institute...
August 30, 2011 Added by:Craig S Wright
Cybercriminals are actually extremely rational. And not necessarily talking of hacktivists and others without a clear profit motive, but those with a drive to make money act extremely rationally. Consequently, there is a solution: Reduce their profit...
August 30, 2011 Added by:Joel Harding
Wow, it’s really cool that we have proof that China not only has the capabilities but has been caught red-handed attacking a website, and the target they’re attacking is located inside the US. I’m sure somebody at the new US Cyber Command jumped up and down and said, “Yes! We have proof..."
August 29, 2011 Added by:J. Oquendo
Arguments surrounding APT will remain a battle of expert vs. expert - but how about we use some common sense for a moment? If YOU were an attacker, why would you bother attacking from your own fixed location? It would make more sense to attack from another country for deflection purposes...
August 29, 2011 Added by:Steven Fox, CISSP, QSA
DefCon Kids follows the trend towards developing cybersecurity skills in youth, so that these young professionals will one day be prepared to tackle the increasingly advanced cyber attacks that constantly threaten today’s enterprises...
August 29, 2011 Added by:Wim Remes
I want to work with ISC2 leadership and membership to review the current status of the CISSP certification, how it is perceived by different audiences, and improve the exam process. With over 79,000 certification holders, it could be concluded that the certification is doing well...
August 29, 2011 Added by:Jamie Adams
The new draft STIG requires entries in a configuration file to prevent the kernel from loading modules – even if the modules aren't installed on the system. Nonetheless, I have compiled a list of the required settings which must be set in your modprobe.conf configuration file...
August 29, 2011 Added by:Headlines
"We don't see that many internet worms these days. It's mostly just bots and trojans. But we just found a new internet worm, and it's spreading in the wild... It uses a new spreading vector that we haven't seen before: RDP," said F-Secure...
August 28, 2011 Added by:Mark Baldwin
A new Apache DoS vulnerability was reported by security researcher Kingcope on the Seclists.org Full Disclosure mailing list that affects most default installations of Apache 1.3/2.x. Fortunately, there are some configuration settings that can be adjusted to mitigate this vulnerability...
August 28, 2011 Added by:Brian Smithson
Multipass disk overwrite and the “DoD 5220-22-M standard 3-pass wipe” are, at best, urban legends. At worst, they are a waste of time. A single pass overwrite with any arbitrary value (randomly chosen or not) is sufficient to render the original HDD data effectively irretrievable...
August 27, 2011 Added by:Rafal Los
Security professionals need to ensure that we're doing what's right for the developers who will be building more secure software, rather than us security professionals who are adept at bolting on security bits. That's the big revelation here, but of course, only if you believe me...