Blogs

Showing Blog Posts: 1–10 of 19 tagged Hacking

  • Loose Lips Sink Ships (And Profit Margins!)

    by Dale "Woody" Wooden on January 27, 2015

    One of the largest threats facing any corporation is the leak of critical information and the ease with which it can be monitored by criminals and terrorists. Few organizations properly train their employees how to protect themselves at home, to stay safe while traveling, or to censor corporate information on social media. The first step in education is focusing on cyber-hygiene when traveling as…

  • The best information security book of 2014 and some other excellent ones

    by Ben Rothke on December 29, 2014

    There were a lot of good information security books that came out in 2014, and many that were not worth reading. The following books stand out as the best, followed by a number of other superb titles, listed in no particular order: Measuring and Managing Information Risk: A FAIR Approach - Authors Dr. Jack Freund and Jack Jones have written a magnificent book that will change the way (for the…

  • Fire in the Valley: The Birth and Death of the Personal Computer

    by Ben Rothke on December 18, 2014

    In Fire in the Valley: The Birth and Death of the Personal Computer, authors Michael Swaine and Paul Freiberger provide a thoroughly enjoyable read of the history and development of the PC. As timing would have it, Michael Swaine was editor of Dr. Dobb's Journal, which this week announced it would be ceasing publication in 2015 after nearly 40 years in print. The valley in the title is Silicon…

  • New Standards and Protocols Introduce Wireless Security Threats

    by John Linkous on December 3, 2014

    When I hear the term "wireless security," the first thing I think of is my 802.11 Wi-Fi-enabled router, humming along with WPA2 (and Wi-Fi Protected Setup disabled, naturally). There is a relatively low risk that anyone will be able to get to my data—at least until it routes to the Internet. What I—like many of you, probably—tend to forget about are the other, lesser known protocols and standards…

  • Social Engineering 2.0: Old-Fashioned Targets, Cutting-Edge Techniques

    by John Linkous on November 14, 2014

    Back in 2006, a large company in Chicago contracted my company to conduct an advanced information security controls assessment. In addition to looking for technical vulnerabilities—unpatched servers, web app vulnerabilities, open ports that should be closed, and the like—we were also contracted to conduct a social engineering assessment. On the first day of our technical assessment, our team…

  • Source Code: The Last Frontier of Security Threats

    by John Linkous on November 13, 2014

    My consulting firm is increasingly receiving requests from customers to help them address what seems to be the last frontier of security analysis: source code. As an analyst, I have a lot of tools at my disposal for identifying problems in both compiled code and p-code. Security, after all, started out as a black box-oriented approach to figuring out answers to problems; we know what the specs of…

  • Next-Gen Malware: Destructive Devices

    by Christopher Burgess on June 11, 2014

    The word malware (malicious or malevolent software) has permeated our lexicon, especially for those in the security world. A cyber-criminal's intent has been either to utilize your resources in their criminal endeavors (i.e., put their malware on your system and launch from within your hosted spaces) or to extract information from your entity that could be monetized quickly and effectively. At the…

  • Modern Challenges of Mobile Forensics

    by John Linkous on May 14, 2014

    As the world of technology continues to move toward mobile devices, these devices are becoming rich targets for malware, bad actors, and even government agencies seeking to increase the scope of their surveillance capability. Of course, there's a lot that an enterprise can do to secure their mobile devices properly. However, the reality of today's threat landscape is such that organizations…

  • Two new basics books from Syngress

    by Ben Rothke on May 13, 2014

    Syngress has a number of basics guides, meant to quickly get the reader up to speed. In The Basics of Web Hacking: Tools and Techniques to Attack the Web and The Basics of Hacking and Penetration Testing, Second Edition: Ethical Hacking and Penetration Testing Made Easy, authors Josh Pauli and Patrick Engebretson provide the reader with a quick and dirty overview of the topic, and enough tactical…

  • New Target Data Breach Lawsuits

    by Stephen Wu on December 31, 2013

    The recent massive data breach into Target’s payment systems compromising millions of payment card numbers is now on the list of the most infamous breaches. In addition, stories are now appearing in news media about lawsuits being filed in the wake of the data breach by victims whose payment card information was believed stolen. I am writing this post to explain what a typical data breach lawsuit…

This document was retrieved from http://www.rsaconference.com/blogs on Fri, 06 Mar 2015 23:21:00 -0500.
© 2015 EMC Corporation. All rights reserved.