Recently, 2.27 million computers running Windows were infected with malware signed with a stolen certificate from the creators of a popular app called CCleaner, and inserted into its software updat…

The holy grail for cyber is to measure and communicate risk in financial terms and come up with a mitigation plan that works for security professionals, all while speaking to the CEO, CFO and the board. The good news is that the basic formula for figuring…

The rising trend in phishing attacks across email and websites is spilling
over to mobile applications. Learn about the attack vectors and how to
mitigate.

How we deployed StackRox to harden database security on our public Docker container cluster running the CrateDB database.

Introduction CVE-2017-11779 fixed by Microsoft in October of 2017, covers multiple memory corruption vulnerabilities in the Windows DNS client. The issues affect computers running Windows 8/ Server 2012 or later, and can be triggered by a malicious DNS response.…

You are fed up with with your dear friend and bitter rival, Steve Steveington. He claims to have no idea how all your D&D characters came to be renamed “Sir Doofus McGoofus <obscene drawing&...

1 points and 0 comments so far on reddit

Leaders in Information Security

On September 28, 2017, Qihoo 360 Core Security (@ 360CoreSec ) detected an in-the-wild attack that leveraged CVE-2017-11826, an office 0day ...

Subdomain takeover tutorial, explaining how to claim cloudfront domain. How to identify and claim hanging domains.

Step up your game with a modern voice & text chat app. Crystal clear voice, multiple server and channel support, mobile apps, and more. Get your free server now!

Dow Jones has a 'technical error' which caused the portal to report stories claiming that Google bought Apple for $9 billion.

I ran a poll on Twitter recently, trying to ask this question in an open way, to see what people thought. I was surprised that a lot of folks not only voted, but also shared some strong opinions. This was the final vote count:To be of value to #infosec community…

A collection of hacking / penetration testing resources to make you better! - vitalysim/Awesome-Hacking-Resources

Exploiting the popular Kaspersky antivirus software, Russian hackers searched millions of computers for American intelligence keywords. Israeli intelligence tipped off American officials.

When the first home assistants were announced, I was excited. A device I could wake up with a simple hotword that would answer my questions, set reminders,... by Artem Russakovskii in Exclusives, Google, Google Home, Google Home Mini, News, Videos

The leading global professional services company Accenture exposed its business data in a public Amazon S3 bucket. Disconcerting!

Spy phone software for Android, iPhone, Blackberry mobile phones allowing you to spy all recorderd conversations, phone surroundings, SMS, GPS location etc.

Read on the Web: Last week, I wrote about the rapid cycle of innovation happening with security technologies today — I’ve never experienced a time when every element of the security st...

So What? What does this mean to me? That's the question that you need to answer. Depending on who you talk to, the answer will be different. In Security you need to apply it to those questions, So What? It's the hardest question to answer, but if you don't…