Learning from success: Brian Honan’s infosec journey
When Brian Honan started his information security consultancy thirteen years ago, most of his conversations were with those in charge of IT and/or IT security within an …
Disturbing lack of cyber attack awareness among directors
Britain’s top firms and charities urgently need to do more to protect themselves from online threats, according to new government research and a ‘cyber health check’. One in …
Network forensics tool NetworkMiner 2.2 released
NetworkMiner is a popular network forensics tool that can parse pcap files as well as perform live sniffing of network traffic. It collects data about hosts on the network …
Hacking smartphones with malicious replacement parts
Smartphone users can now add a new entry to the list of things they need to worry about: their phones being compromised via replacement parts. A group of researchers from …
Third party trackers on web shops can identify users behind Bitcoin transactions
More and more shopping Web sites accept cryptocurrencies as a method of payment, but users should be aware that these transactions can be used to deanonymize them – even …
Why you need to implement security controls across your environment
In this podcast recorded at Black Hat USA 2017, Tim White, Director of Product Management, Policy Compliance at Qualys, discusses the importance of security configuration …
Doing things right: Cloud and SecOps adoption
There is hardly an organization out there that isn’t planning or hasn’t already taken advantage of the cloud. And, according to Threat Stack CTO Sam Bisbee, there is hardly a …
Gaming the system for a better experience
I play a lot of video games and one of the things I’ve noticed is that when you first start playing, the game often keeps you from venturing into places where you’re likely to …
Sqrrl empowers threat hunters with self-service analytics
Today, analysts must either have advanced data science skills to build hunting algorithms that detect suspicious cyber behaviors or rely on blackbox vendor tools that package …
Week in review: WordPress ransomware, NotPetya aftermath
Here’s an overview of some of last week’s most interesting news and articles: EV ransomware is targeting WordPress sites WordPress security outfit Wordfence has …
Two Foxit Reader RCE zero-day vulnerabilities disclosed
Trend Micro’s Zero Day Initiative has released details about two remote code execution zero-day flaws affecting popular freemium PDF tool Foxit Reader. The first one …
Decryption key for Apple iOS Secure Enclave Processor firmware revealed
A hacker that goes by the handle “xerub” has apparently figured out the decryption key for Apple’s Secure Enclave Processor (SEP) firmware, and made it …