conferences
Building an OATH-compliant authentication server for less than $100
Using a Raspberry Pi nanocomputer and the multiOTP open source library, André Liechti showcases how to how to create an OATH-compliant authentication server at PasswordsCon …
Tales of passwords, cyber-criminals and daily used devices
Specific embedded devices are targeted by criminals in order to gain access or utilize for further attacks. Modems are attacked to change DNS-servers for advertising or …
Tracking botnets using automatically generated domains
Stefano Zanero is an Assistant Professor at Politechnico di Milano, where he focuses on systems security. Modern botnets rely on domain-generation algorithms (DGAs) to build …
Bypassing security scanners by changing the system language
A substantial security oversight is present in a variety of penetration testing tools, and it has to do with the different languages that a computer system can be set up to …
Video: Advanced password recovery and modern mitigation strategies
Think about all the passwords we use to access information every day. Whether it is email, social media, financial institutions or numerous other services, passwords have …
How to social engineer a social network
Social engineering has for a while now been cyber attackers’ best bet to enter systems and compromise accounts when actual hacking doesn’t work, or when they …
A new classification for potentially unwanted mobile apps
What are PUAs (Potentially Unwanted Applications), and how should they be classified in the mobile (specifically Android) environment? PUAs are not technically malware, and …
Building an information security awareness program from scratch
Most security awareness programs suck. They involve canned video presentations or someone from HR explaining computer use policies. Others are extremely expensive and beyond …
Can you trust the apps you use?
With the advent of smartphones, the word “app” has almost become a synonym for pleasure. Whatever you need, whatever you want is right there at your fingertips, …
Video: Operationalizing security intelligence in the enterprise
Many organizations say they acquire and use security intelligence for the benefit of their organizations – but few actually do this right. While security intelligence is …
Big thinkers converge on small town for Day-Con 2013
Day-Con, Dayton Ohio’s annual hacker conference, celebrated its 7th year last month with a completely re-imagined format: limited seating, invitation only, and …
Video: Malware Management Framework
You can throw lots of time and money at scanning your systems for unknown malware, but the reality is that you will only identify a small portion of the bad stuff. Changing …