Building an information security awareness program from scratch
Most security awareness programs suck. They involve canned video presentations or someone from HR explaining computer use policies. Others are extremely expensive and beyond …
Video: Operationalizing security intelligence in the enterprise
Many organizations say they acquire and use security intelligence for the benefit of their organizations – but few actually do this right. While security intelligence is …
Video: Malware Management Framework
You can throw lots of time and money at scanning your systems for unknown malware, but the reality is that you will only identify a small portion of the bad stuff. Changing …
The Internet of Things: Vulns, botnets and detection
Does the Internet of Things scare you? It probably should. This DerbyCon video discusses why embedded device security is laughably bad, handling vendor notification, and …
Video: Hacking back and active defense
In this DerbyCon video, John Strand will demonstrate the Active Defense Harbinger Distribution, a DARPA funded, free Active Defense virtual machine. He will debunk many of the …
Video: Antivirus evasion techniques
This video from DerbyCon discusses the basics of the AV evasion problem, what techniques work, which ones don’t and why. The talk has a particular focus on AV evasion as …
Video: DIY Command & Control for fun and no profit
Many security professionals have heard about Command & Control botnets, even more have been infected by them. Very few have had the opportunity to actually look inside …
Video: Stop making excuses, it’s time to own your high impact vulnerabilities
Most systems are insecure, not because we don’t know about or understand the vulnerability but because we fail at planning and communicating the solution to address or …
Video: Weaponizing your coffee pot
As SoC price continue to drop and their implementation continues to rise, connected appliances (Internet of Things) will be become an attractive avenue for cyber criminals. …
Video: Recent advances in IPv6 security
There are a number of factors that make the IPv6 protocol suite interesting from a security standpoint. Firstly, being a new technology, technical personnel has much less …
Video: How the grid will be hacked
There is a never ending stream of vulnerabilities in the mechanical and cyber systems that support the grid. So, why hasn’t there been any significant breach of the …
Video: Practical exploitation using a malicious SSID
In this video from DerbyCon, Deral Heiland discusses the leveraging of SSIDs to inject various attacks into wireless devices, and management consoles. The type of injection …
Featured news
Sponsored
Don't miss
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints
- Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)