Customizing defense models to reduce the window of exposure
Most organizations already have a defense model in place that is meant to protect them from attacks, but the problem is that many use an outdated one. But the threat landscape …
Lessons learned from sinkholing the ZeroAccess botnet
ZeroAccess (or Sirefef) is a piece of malware that is very adept at hiding its existence from users, and brings in huge sums of money to its masters by performing click-fraud …
Python for web application security professionals
Python is an open source, interactive, object oriented programming language. It’s very easy to learn and an extremely powerful high level language. It runs on Windows, …
Video: Hacking back and active defense
In this DerbyCon video, John Strand will demonstrate the Active Defense Harbinger Distribution, a DARPA funded, free Active Defense virtual machine. He will debunk many of the …
Solving the dilemma of vulnerability exploitation disclosure
The subject of software and hardware vulnerability disclosure has been debate time and time again, and most agree that, if possible, vulnerabilities should first be disclosed …
WordPress security threats, protection tips and tricks
Robert Abela is a WordPress Security Professional and founder of WP White Security. In this interview he talks about the main WordPress security risks, offers tips for website …
Video: Antivirus evasion techniques
This video from DerbyCon discusses the basics of the AV evasion problem, what techniques work, which ones don’t and why. The talk has a particular focus on AV evasion as …
Strengths and weaknesses of MS SmartScreen filter
Microsoft’s SmartScreen application control feature, introduced with Internet Explorer 8 and lately ported to Windows 8 is a good addition to the new OS. It might …
Analyzing APK files inside an online Android application sandbox
Anubis is an online project developed by International Secure Systems Lab, which focuses on analyzing of binaries for different type of systems. The online sandbox was first …
Best practices for threat management
With threats of all types on the rise and increasing costs of security breaches growing (analyst approximate $840,000 per breach), enterprises are investing in numerous threat …
Video: Stop making excuses, it’s time to own your high impact vulnerabilities
Most systems are insecure, not because we don’t know about or understand the vulnerability but because we fail at planning and communicating the solution to address or …
What can we learn from ICS/SCADA security incidents?
Increasing numbers of recent security incidents against industrial control systems/SCADA raise questions about the ability of many organisations to respond to critical …
Featured news
Resources
Don't miss
- IntelMQ: Open-source tool for collecting and processing security feeds
- Quantifying cyber risk strategies to resonate with CFOs and boards
- Top 5 threats keeping CISOs up at night in 2025
- CISOs, are your medical devices secure? Attackers are watching closely
- Cybersecurity classics: 10 books that shaped the industry