We've heard this question a lot, haven't we? I attended a conference about 2 1/2 years ago, and the agenda for that conference had about half a dozen or more presentations that contained "APT" in their title. I attended several of them, and I have to say ... I walked out of some of them.
As many as 300 oil and energy companies have been targeted by hackers in the largest ever...
In the context of cyber crime, emerging countries such as Brazil, South Korea and Turkey among...
Retail security is under the microscope this week, thanks to data breaches at United Parcel...
At no time in history has there been a greater need to hire security professionals to protect and defend infrastructures from an inexhaustible onslaught of organized crime, industrial espionage, and nation-state attacks.
Services are up and running again after a denial of service took down Sony's PlayStation Network for much of Sunday, coinciding with a bomb threat on American Airlines flight 362, which carried John Smedley, president of Sony Online Entertainment. The threats caused the airline to divert the flight.
South Korean authorities have revealed a massive data breach that has affected well over half of the country's 50 million citizens.
Governor Jerry Brown of California on Monday signed into law a measure that requires smartphones sold in California to include smarter antitheft technology, a feature that lawmakers hope will help reduce phone theft.
Websense Security Labs has come across an interesting campaign, targeting Russian nationals, trying to lure them to download and run executables on their computers, under the guise of attacking Western government websites.
There is a severe shortage of information security professionals, and leading industry experts say it's only getting worse. Word among attendees at Black Hat USA 2014 conference was that there are more jobs in cybersecurity than people to fill them.
I’ve seen some email threads on a few listserv groups talking about developing a capability to take indicators from threat feeds and automatically generate signatures that can be used in various detection technologies. I have some issues with taking this approach and thought a blog post on it may be better than replying to these threads.
How are ex-military and ex-hackers different? For starters, security guys with a military background are more likely to have a “traditional career.” This typically includes a degree from a four-year university, a series of jobs with certifications, and formal recognition that one would expect from a military person.
I've been an adjunct professor at NYU Poly for almost two years now. It's been a great experience for a number of reasons, one of which is because I'm teaching a hot topic: Vulnerability Analysis and Exploitation.
The web intelligence firm Recorded Future has posted two stories about how al Qaeda is using new encryption software in response to the Snowden disclosures.
auto_rip is a wrapper script for Harlan Carvey's RegRipper and the script has a few updates. The script's home has always been on the RegRipper Google Code site but Google dropped support for adding new downloads. As a result, I thought it might be helpful to make newer versions available at different places since Google Code can no longer be used.
If you have an account and were asked to put a price on a monthly service fee, how much money would you pay to be inspired, to keep up with news events, or to stay in touch with family, friends and colleagues? You're paying for it now, of course, though not with money.
A recently unearthed targeted attack campaign suggests that Pakistan is evolving from hacktivism to cyber espionage.
Imagine discovering a secret language spoken only online by a knowledgeable and learned few. Over a period of weeks, as you begin to tease out the meaning of this curious tongue and ponder its purpose, the language appears to shift in subtle but fantastic ways, remaking itself daily before your eyes. And just when you are poised to share your findings with the rest of the world, the entire thing vanishes.
There's a gaping hole in thousands of unsuspecting people's computers that lets any random internet passerby not only look over their shoulder but reach through to take over their systems. The hole is caused by a remote access tool: specifically, unsecured use of a product known as Virtual Network Computing (VNC).