Latest Videos
Infosec Island's Javvad Malik and Black Hat Europe 2012
February 19, 2012
Infosec Island's Javvad Malik will be on site at the Black Hat Europe conference in Amsterdam conducting video interviews and - no doubt - interjecting his trademark brand of humor while exploring cutting edge infosec trends and developments...
Comments (0)
Auditor IV: The Card Data Breach
February 17, 2012
When the unthinkable happens to a company, there's only one person they need to get to the bottom of the matter. The Auditor is back, but this time it's different...
Comments (0)
Javvad Malik on Risk Management
February 10, 2012
A short illustration of risk management. Demonstrating the concepts of risk mitigation, acceptance, avoidance and transfer. Learn these concepts well and you’ll do well in your CISSP exam...
Comments (0)
Boston Police Offer Levity in Wake of Anonymous Hack
February 09, 2012
The Boston Police Department's Media Relation arm has produced a somewhat whimsical video response to the attack of their official website that occurred late last week. The department's website had been hacked and defaced by sympathizers of the rogue movement Anonymous...
Comments (6)
Introduction to Bro Network Security Monitor
February 08, 2012
Great intro video to the Bro Security Network Analysis Framework by Richard Bejtlich. Bro is an amazing tool that gives you a summary of what is going on in your network. It creates text log files of connections, protocols, communications, and what it sees on the wire...
Comments (0)
Straight Talk on Cloud Computing for the Enterprise
February 06, 2012
One of the fantastic things about events like this is that real people show up to listen, learn and share with their fellow attendees, and that's absolutely amazing. We managed to bring together some industry experts with vast practical knowledge on cloud computing...
Comments (0)
Video: Anonymous Claims Hack of FBI Conference Call
February 03, 2012
"The conversation covers tracking of Anonymous and other splinter groups, dates of planned arrests and details of evidence held by police. Anonymous also published an email from the FBI, showing the email addresses of call participants. The FBI confirmed the intercept..."
Comments (0)
On Forgotten Passwords and Security
February 03, 2012
What do you do when a user forgets their password? There are a number of different approaches that can be taken. The challenge when allowing a user to self-service is that you could potentially open up a number of avenues for attack...
Comments (0)
The Importance of Online Safety
January 29, 2012
Taking on the topic of not trusting people online, I thought it would be a good idea to make a PSA style video. Like most of my video’s, it turned out different than I initially envisioned it to be, and hence it’s a lot darker and more serious than my previous offerings...
Comments (0)
Interview with ISMP Founder Marisa Fagan on SECore
January 27, 2012
Marisa Fagan, the founder of the InfoSec Mentors Project - "a non-profit project that builds a more collaborative and friendly environment for newbies in information security" - kindly dropped by from across the pond to talk about SECore.info...
Comments (0)
Security Onion Intrusion Detection System Setup Tutorial
January 25, 2012
Run this on a system that has two network cards and you have a complete NSM/IDS. One NIC connects to your network or internet side of your traffic and monitors every packet, the second NIC connects to your LAN side and can be used to remotely view and monitor intrusion attempts...
Comments (2)
Do Not Encrypt Passwords - Why, You Ask?
January 13, 2012
Encrypting passwords is bad. Try hashing them with a little bit of salt on top. Confused about the terminology - maybe i can clear your confusion with the use of a shoe, a box and a pen & paper...
Comments (2)
Malware Analysis: How to Decode JavaScript Obfuscation
January 05, 2012
When performing malware analysis one of the techniques the bad guys uses to hide their code is obfuscation. What this means is that the program is hidden or obscured to make malware analysis much more difficult. You didn’t think they would make it easy on you did they?
Comments (0)
On Input Validation
December 29, 2011
Input validation is a good security principle based on your application looking at what’s being asked of it and deal in a secure manner. It’s not always fool proof, but goes a long way...
Comments (0)
Happy Holidays from Infosec Island
December 23, 2011
Happy Holidays from the Infosec Island staff. Anthony, Andrian, Lance and Mike wish you the best for this Holiday season. Thanks to everyone for coming to this site and a special thanks to all of our authors the contributors.
Comments (1)
A Look at Infosec Island
December 18, 2011
Rather than giving a security roundup or predicting future security trends for 2012, I thought it a good idea to look at some of the security bloggers over at Infosec Island over the course of the year...
Comments (1)
- McAfee Report: No Immunity from Targeted Attacks
- A Security Resolution for Developers
- IPv6 Protocol Implementation is Not a Security Panacea
- The CISO as a Capable Catalyst
- NIST Pursues Health Record System Usability Testing
- Anonymous, NSA, Power Grids and False Flags
- US and Netherlands Expand Cybersecurity Coordination
- Algorithms: When is Random Really Random?
- Is ICS-CERT Focused on the Right Issues?
- Is Information Online Legally Fair Game to Use for Marketing?