penetration testing
University of Maryland sets concrete cybersecurity goals in wake of data breach
The individuals affected in the recent data breach at the University of Maryland will be getting five instead of one year of free credit monitoring, the University’s …
New free online software security training courses
The Software Assurance Forum for Excellence in Code (SAFECode), a non-profit organization working to increase trust in technology products and services through the advancement …
Penetration testing: Accurate or abused?
According to a recent Ponemon study, since 2010 cybercrime costs have climbed 78% and the time required to recover from a breach has increased 130%. On average, U.S. …
Bypassing security scanners by changing the system language
A substantial security oversight is present in a variety of penetration testing tools, and it has to do with the different languages that a computer system can be set up to …
How important is penetration testing?
With cyber attacks becoming the norm, it is more important than ever before to undertake regular vulnerability scans and penetration testing to identify vulnerabilities and …
Training: The Art of Exploiting Injection Flaws
HITBSecConf 2013 Malaysia will host the widely acclaimed course The Art of exploiting Injection Flaws in Kuala Lumpur on 14 and 15 October 2013. This hands-on session will …
Most security managers don’t trust their apps
Application vulnerabilities are a major factor in the cybercrime game. More than 500 CISOs and Security managers have been interviewed by Quotium about the security state of …
The current state of application security
New research offers a better way to understand the maturity of an organization’s application security program in comparison to the core competencies of high-performing …
Working as an ethical hacker
The term “ethical hacker” as it is used today is, if you ask me, somewhat imprecise. After all, a hacker in it for the money could be said to follow his or her own …
Cybercriminals are doing a better job than the companies they target
What can you learn from reading the exploits of the most successful hacking ring ever brought to justice? Recently, the US Attorney’s Office in NJ unsealed their …
Rapid7 updates Metasploit, Mobilisafe and Nexpose
Rapid7 announced new innovations for its risk assessment and management portfolio. This simplifies remediation, testing and communication of security program performance to …
Widely used routers easy to hack even by remote attackers
Security researchers from Independent Security Evaluators have tested thirteen widely used small office/home office routers and wireless access points, and have discovered …
Featured news
Resources
Don't miss
- Attackers target retailers’ gift card systems using cloud-only techniques
- Attackers turn trusted OAuth apps into cloud backdoors
- Life, death, and online identity: What happens to your online accounts after death?
- OpenFGA: The open-source engine redefining access control
- For blind people, staying safe online means working around the tools designed to help