conferences
How to social engineer a social network
Social engineering has for a while now been cyber attackers’ best bet to enter systems and compromise accounts when actual hacking doesn’t work, or when they …
A new classification for potentially unwanted mobile apps
What are PUAs (Potentially Unwanted Applications), and how should they be classified in the mobile (specifically Android) environment? PUAs are not technically malware, and …
Building an information security awareness program from scratch
Most security awareness programs suck. They involve canned video presentations or someone from HR explaining computer use policies. Others are extremely expensive and beyond …
Can you trust the apps you use?
With the advent of smartphones, the word “app” has almost become a synonym for pleasure. Whatever you need, whatever you want is right there at your fingertips, …
Video: Operationalizing security intelligence in the enterprise
Many organizations say they acquire and use security intelligence for the benefit of their organizations – but few actually do this right. While security intelligence is …
Big thinkers converge on small town for Day-Con 2013
Day-Con, Dayton Ohio’s annual hacker conference, celebrated its 7th year last month with a completely re-imagined format: limited seating, invitation only, and …
Video: Malware Management Framework
You can throw lots of time and money at scanning your systems for unknown malware, but the reality is that you will only identify a small portion of the bad stuff. Changing …
Customizing defense models to reduce the window of exposure
Most organizations already have a defense model in place that is meant to protect them from attacks, but the problem is that many use an outdated one. But the threat landscape …
The Internet of Things: Vulns, botnets and detection
Does the Internet of Things scare you? It probably should. This DerbyCon video discusses why embedded device security is laughably bad, handling vendor notification, and …
Digital ship pirates: Researchers crack vessel tracking system
In the maritime business, Automated Identification Systems (AIS) are a big deal. They supplement information received by the marine radar system, are used for a wide variety …
Video: Hacking back and active defense
In this DerbyCon video, John Strand will demonstrate the Active Defense Harbinger Distribution, a DARPA funded, free Active Defense virtual machine. He will debunk many of the …
Video: Antivirus evasion techniques
This video from DerbyCon discusses the basics of the AV evasion problem, what techniques work, which ones don’t and why. The talk has a particular focus on AV evasion as …
Featured news
Resources
Don't miss
- Training an AI agent to attack LLM applications like a real adversary
- You don’t have to choose between BAS or automated pentesting, you shouldn’t
- Why your phishing simulations aren’t building a security culture
- Your security stack looks fine from the dashboard and that’s the problem
- Kali Linux 2026.1 ships BackTrack mode, eight new tools, and a kernel upgrade to 6.18