Articles
  • Mobile forensics in a connected world

    In this interview, Andrew Hoog, CEO of viaForensics, talks about the forensic examination of mobile devices, the challenges involved with testifying at trials, and offers advice to those interested in working in the mobile security forensics field.

  • Malicious and risky apps on Android and iOS

    Knowingly or unknowingly to the user, some apps can collect GPS data, grab your contact information, your phone ID, email address, etc.

    In this podcast recorded at Black Hat USA 2014, Mike Raggo, Security Evangelist at MobileIron, talks about the risky behavior of certain apps downloaded from Google Play or the App Store.

  • 5 tips for security behavior management programs

    Security awareness has long been a point of frustration for information security professionals. While many organizations conduct awareness training of some kind, they have struggled to develop effective training, as posters and knick-knacks urging employees to change passwords frequently have failed to improve their security behavior. Consequently, employee behavior continues to be a common cause of data breaches, with some in the industry even concluding that improving user behavior is impossible.

  • Lessons learned from running 95 bug bounty programs

    Large companies such as Google and Facebook have dedicated teams that review bug submissions, verify valid bugs and reward security researchers, but that can be time and cost-prohibitive for most companies. Bugcrowd is making sure that every company can leverage the power of crowdsourced security.

    In this podcast recorded at Black Hat USA 2014, Casey Ellis, Founder and CEO of Bugcrowd, talks about the lessons they've learned after running 95 bug bounty programs as well as the different types of researchers that take part in their programs.

  • Big Data is big noise

    Big Data was supposed to be the solution to all our security problems, but this spotlight on intruders turned out to be a mess of white noise. Hiding comfortably in that noise, however, are legitimate indicators that point to valid network threats, such as suspicious user behavior.

  • How PCI DSS 3.0 impacts business owners

    Based on insight from security experts, the card brands, and merchants, the PCI Security Standards Council periodically refines the guidelines to reflect current data security risks and best practices. While the changes are intended to help merchants make transactions safer for themselves and consumers, updates to the rules can also be highly confusing for business owners.

    What do you need to know about the new version, and how can you prepare for more changes on the horizon?

  • IT security is a matter of accountability

    Raj Sabhlok, President at Zoho, explains how understanding IT security is now a key responsibility for the modern CEO.

  • Patching: The least understood line of defense

    Even IT pros that understand patching too often hate it. Because of myriad systems involved, and the large number of patches, the process is not just constant, but can be extraordinarily complex. One canít just install a patch and forget it, as with Windows Updates where the fixes are well vetted. On servers in particular, patches may need to be tested, then installed, and too often reinstalled due to a bad patch or software conflicts. All to defend against an attack that may or may not happen.

  • 5 things infosec can learn from adventure games

    As an active adventure gamer and a natural seeker of reusable patterns, Iíve noticed that some of the things I do to achieve success in video games can be applied to information security.

  • The economics of hacking

    In this podcast recorded at Black Hat USA 2014, Wade Williamson, Security Researcher at Shape Security, talks about the economics of hacking and how some of today's techniques are trying to invert it.

Videos      Podcasts



Spotlight

How to talk infosec with kids

Posted on 17 September 2014.  |  It's never too early to talk infosec with kids: you simply need the right story. In fact, as cyber professionals itís our duty to teach ALL the kids in our life about technology. If we are to make an impact, we must remember that children needed to be taught about technology on their terms.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Sep 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //