Features
For the love of a good IT book: The No Starch Press story
When No Starch Press founder Bill Pollock decided that his new venture would go for quality instead of quantity, he made the right choice. “We haven’t had a down …
GDPR: Today is the day
Today is the day many organizations around the world have been preparing for. As GDPR becomes enforceable, we sat down with Jerry Caponera, VP Cyber Risk Strategy, Nehemiah …
ShiftLeft: Fully automated runtime security solution for cloud applications
When talking about data loss prevention, the first thing that comes to mind are solutions aimed at stopping users from moving sensitive documents/data out of a network. But …
Establishing covert communication channels by abusing GSM AT commands
Security research often starts as a hobby project, and Alfonso Muñoz’s and Jorge Cuadrado’s probe into mobile privacy is no exception. The duo, who’s …
Hacking intelligent buildings using KNX and Zigbee networks
A great many of us are living, staying or working in “smart” buildings, relying on automated processes to control things like heating, ventilation, air …
Do you have what it takes to withstand modern DDoS attacks?
As the latest record DDoS attack hit GitHub and threatened to overwhelm its edge network, the popular Git-repository hosting service quickly switched to routing the attack …
Backdooring connected cars for covert remote control
We’ve all known for a while now that the security of connected cars leaves a lot to be desired. The latest proof of that sad state of affairs comes from Argentinian …
Tackling the insider threat: Where to start?
Many organizations still believe the definition of an insider threat is limited to a rogue employee purposefully leaking embarrassing information, or nuking a couple of …
How cybercriminals abuse the travel and hospitality industry
The travel and hospitality industry suffers billions of losses each year due to fraud. “With the right combination of other underground services (compromised accounts, …
Let no endpoint go dark
The compromise of a single enterprise endpoint can ultimately lead to a wider security incident, ransomware outbreak, data breach, costly remediation and rebuilding of lost …
Richard Ford: A physicist’s strange journey to become an infosec scientist
Many of today’s information security professionals started their path towards a career in the industry by becoming frustrated gamers. Richard Ford, Chief Scientist at …
Chris Eng: An infosec journey from offense to defense
“Come to my lab, I promise you’ll learn something cool,” a friend told Chris Eng. Within a couple of hours, he had walked him through writing an exploit for …