Menu

Blogs

Showing Blog Posts: 1–10 of 21 tagged Hacking

  • SANS NetWars at RSAC 2015

    by Fahmida Y. Rashid on May 15, 2015

    SANS Institute brought its NetWars competition to RSA Conference 2015 in San Francisco. A hands-on, interactive learning environment, SANS NetWars lets information security professionals develop and master skills they need in their jobs. The program focuses on developing skills in vulnerability assessment, system hardening, malware analysis, digital forensics, incident response, packet analysis, …

  • Future Crimes: Everything Is Connected, Everyone Is Vulnerable and What We Can Do About It

    by Ben Rothke on March 30, 2015

    Technology is neutral and non-moral. It’s the implementers and users who define its use. In Future Crimes: Everything Is Connected, Everyone Is Vulnerable and What We Can Do About It, author Marc Goodman spends nearly 400 pages describing the dark side of technology, and those who use it for nefarious purposes. He provides a fascinating overview of how every major technology can be used to benefit…

  • Loose Lips Sink Ships (And Profit Margins!)

    by Dale "Woody" Wooden on January 27, 2015

    Dale "Woody" Wooden illustrates security concepts through stories. This story looks at how attackers monitor employee social media accounts. There is also a Part 2. One of the largest threats facing any corporation is the leak of critical information and the ease at which it can be monitored by criminals and terrorists. Few organizations properly train their employees how to protect themselves at…

  • The best information security book of 2014 and some other excellent ones

    by Ben Rothke on December 29, 2014

    There were a lot of good information security book that came out in 2014, and many that were not worth reading. The following book stand out as the best, followed by a number of other superb titles, listed in no particular order: Measuring and Managing Information Risk: A FAIR Approach - Authors Dr. Jack Freund and Jack Jones have written a magnificent book that will change the way (for the…

  • Fire in the Valley: The Birth and Death of the Personal Computer

    by Ben Rothke on December 18, 2014

    In Fire in the Valley: The Birth and Death of the Personal Computer, authors Michael Swaine and Paul Freiberger provide a thoroughly enjoyable read of the history and development of the PC. As timing would have it, Michael Swain was editor of Dr. Dobb's Journal, which this week announced it would be ceasing publication in 2015 after nearly 40 years in print. The valley in the title is Silicon…

  • New Standards and Protocols Introduce Wireless Security Threats

    by John Linkous on December 3, 2014

    When I hear the term "wireless security," the first thing I think of is my 802.11 Wi-Fi-enabled router, humming along with WPA2 (and Wi-Fi Protected Setup disabled, naturally). There is a relatively low risk that anyone will be able to get to my data—at least until it routes to the Internet. What I—like many of you, probably—tend to forget about are the other, lesser known protocols and standards…

  • Social Engineering 2.0: Old-Fashioned Targets, Cutting-Edge Techniques

    by John Linkous on November 14, 2014

    Back in 2006, a large company in Chicago contracted my company to conduct an advanced information security controls assessment. In addition to looking for technical vulnerabilities—unpatched servers, web app vulnerabilities, open ports that should be closed, and the like—we were also contracted to conduct a social engineering assessment. On the first day of our technical assessment, our team…

  • Source Code: The Last Frontier of Security Threats

    by John Linkous on November 13, 2014

    My consulting firm is increasingly receiving requests from customers to help them address what seems to be the last frontier of security analysis: source code. As an analyst, I have a lot of tools at my disposal for identifying problems in both compiled code and p-code. Security, after all, started out as a black box-oriented approach to figuring out answers to problems; we know what the specs of…

  • Next-Gen Malware: Destructive Devices

    by Christopher Burgess on June 11, 2014

    The word malware (malicious or malevolent software) has permeated our lexicon, especially for those in the security world. A cyber-criminal's intent has been either to utilize your resources in their criminal endeavors (i.e., put their malware on your system and launch from within your hosted spaces) or to extract information from your entity that could be monetized quickly and effectively. At the…

  • Modern Challenges of Mobile Forensics

    by John Linkous on May 14, 2014

    As the world of technology continues to move toward mobile devices, these devices are becoming rich targets for malware, bad actors, and even government agencies seeking to increase the scope of their surveillance capability. Of course, there's a lot that an enterprise can do to secure their mobile devices properly. However, the reality of today's threat landscape is such that that organizations…

This document was retrieved from http://www.rsaconference.com/blogs on Sun, 30 Aug 2015 05:53:20 -0400.
© 2015 EMC Corporation. All rights reserved.