Expert analysis
The fluctuation of compliance
After this weekend, all retailers accepting payment card transactions will be expected to either use a specialized firewall for protecting their Web applications or to have …
Do passwords matter?
You don’t have to look very hard to find an article discussing password breaches. Recently, there was a lot of buzz around LinkedIn, Last.fm, and eHarmony, three very …
Removing the fear factor from BYOD
In May, HM Revenue and Customs (HMRC) said that it would ignore the government’s advice on BYOD (bring your own device) because of concerns around the security of the …
Investigating Android permissions
Georgia Weidman is the founder of Bulb Security. She’s also a penetration tester, security researcher, and trainer. In this video recorded at Hack in The Box 2012 …
Computer forensics training in Prague
In this interview, Gareth Dance, Conference Director, EMEA, SANS Institute, talks about SANS Forensics Prague 2012. SANS Forensics Prague 2012 is a technically intense event. …
ISO 27001 standard: Breaking the documentation myth
Dejan Kosutic is the founder of the Information Security & Business Continuity Academy. In this interview he discusses the future of compliance, ISO 27001 documentation, …
User activity monitoring revealed
In this interview, Matthew Ulery, Director of Product Management with NetIQ, discusses the challenges related to user activity monitoring. He talks about the various methods, …
What makes a good unified database security solution?
The rise of hacktivism that went beyond defacing websites and concentrated on stealing information and leaking it has made it clear that most attackers go right for the …
The dangers of NOT passing cybersecurity legislation in 2012
According to the U.S. Government, cyber-security protection of critical infrastructure is a national priority. With 85 percent of the nation’s critical infrastructure …
Vulnerabilities in open source WAF ModSecurity
During our research of web application firewall evasion issues, we uncovered a flaw in ModSecurity that may lead to complete bypass of the installed rules, in the cases when …
Product pitch: Entrust IdentityGuard
In this podcast, Mike Moir, Product manager with Entrust, talks about Entrust IdentityGuard, an award-winning software authentication platform that helps financial …
Lessons learned from cracking 2 million LinkedIn passwords
Like everyone this week, I learned about a huge file of password hashes that had been leaked. The 120MB zip file contained 6,458,020 SHA-1 hashes of passwords for end-user …
Featured news
Resources
Don't miss
- AI isn’t one system, and your threat model shouldn’t be either
- LLMs work better together in smart contract audits
- Product showcase: NAKIVO v11.1 advances MSP service delivery with secure multi-tenant management
- Crypto theft in 2025: North Korean hackers continue to dominate
- Clipping Scripted Sparrow’s wings: Tracking a global phishing ring