The automatic tools that are available online save the attacker the trouble of studying attack methods and coming up with exploits to applications’ vulnerabilities. An attacker can just pick a set of automatic attack tools from the ones that are freely available online, install them, point them at lucrative targets, and reap the results.
In this video, Rob Rachwald, Director of Security Strategy at Imperva, talks about how attackers are using automation to carry out attacks on web applications. Rob talks about Imperva's research into the most frequently used automated tools and also discusses how you can identify automated hacking.
Didier Stevens is an IT security consultant working for a large financial corporation in Belgium.
In this video recorded at Hack in The Box 2012 Amsterdam, Didier talks about hardening Windows processes and he discusses Microsoft's Enhanced Mitigation Experience Toolkit (EMET) as well as his own tool - HeapLocker.
Ivan Ristic, Director of Engineering at Qualys, talks about SSL Pulse - a continuous and global dashboard for monitoring the quality of SSL support across the top one million web sites.
Georgia Weidman is the founder of Bulb Security. She's also a penetration tester, security researcher, and trainer.
In this video recorded at Hack in The Box 2012 Amsterdam, Georgia talks about Android permissions. She dissects the permissions granted to a very popular application and talks about the various implications that not only invade your privacy but can actually cost you money. She also offers tips on how to protect yourself.
In this video recorded at Infosecurity 2012, Wolfgang Kandek, CTO at Qualys, talks about their recent research dealing with Java.
Many modern exploits use Java as a stepping stone to gain access to a system. While this has been common on computers running Windows for some time, recently Mac OS X users have become targets as well.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.