Expert analysis
Proactive or reactive: Should that be the question?
For a number of years digital forensics has referred to “the application of computer investigation and analysis techniques to gather evidence suitable for presentation …
BYOD 2.0 and spotting the next big trend
In the 1960s and 70s the IT department was seen as a secret place ruled by powerful niche experts. They had total control of the department and who could access systems. The …
From identity and access solutions to access governance
The need to identify users, control what they can access and audit their activities is fundamental to information security. Over the past decade, there has been a tsunami of …
Automated hacking
The automatic tools that are available online save the attacker the trouble of studying attack methods and coming up with exploits to applications’ vulnerabilities. An …
Provisioning is not access governance
Organizations of all sizes face ever-stricter regulatory and security requirements to protect their data, and that of their customers. But user provisioning systems alone …
Raising user awareness about privacy issues
In this age of social networks, discovering personal information about users has become increasingly easy to do, and that information can be misused at a later date for …
The evolving nature of hacktivism
A recent Anonymous video admits that they’ve been fairly quiet lately. From an American and Western European perspective, this is somewhat true. In 2010, Anonymous built …
10 steps to ensure users only access what they need
Every organization faces one challenge to their IT security position – the user. It doesn’t matter how much security training and advice a person is given – …
Burning enterprise authentication issues
Threats keep evolving and are becoming more invasive, targets now go beyond the financial industry and involve any company that has sensitive information – whether its …
Hardening Windows processes
Didier Stevens is an IT security consultant working for a large financial corporation in Belgium. In this video recorded at Hack in The Box 2012 Amsterdam, Didier talks about …
Vulnerability disclosure framework for industrial control systems
The Industrial Control Systems Joint Working Group (ICSJWG) published “The Industrial Control Systems Common Vulnerability Disclosure Framework”, which is a …
Modern day pirates
Many of you will remember long summer days with the streets filled with laughing children congregating to play football or just hang out with their friends – I certainly …
Featured news
Resources
Don't miss
- Security gap in Perplexity’s Comet browser exposed users to system-level attacks
- MacOS DigitStealer malware poses as DynamicLake, targets Apple Silicon M2/M3 devices
- Is your password manager truly GDPR compliant?
- 7-Zip vulnerability is being actively exploited, NHS England warns (CVE-2025-11001)
- Exam prep hacked: Study tips and tricks that really work