Lohrman on Security
NOVEMBER 28, 2021
The world seems focused on new developments in artificial intelligence to help with a wide range of problems, including staffing shortages. But will AI help or harm security teams
Krebs on Security
OCTOBER 31, 2021
Virtually all compilers — programs that transform human-readable source code into computer-executable machine code — are vulnerable to an insidious attack in which an adversary can introduce targeted vulnerabilities into any software without being detected, new research released today warns.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Troy Hunt
JULY 21, 2021
When the Ashley Madison data breach occurred in 2015, it made headline news around the world. Not just infosec headlines or tech headlines, but the headlines of major consumer media the likes my mum and dad would read.
Lohrman on Security
DECEMBER 23, 2021
What will the New Year bring in cyber space? Here’s your annual roundup of the top security industry forecasts, trends and cybersecurity prediction reports for calendar year 2022
Speaker: William Hord, Senior VP of Risk & Professional Services
This exclusive webinar with William Hord, Senior VP of Risk & Professional Services, will explore the foundational elements you need to start or validate your ERM program. He will also dive into topic definitions, governance structures, and framework components for success.
Joseph Steinberg
NOVEMBER 30, 2021
Giving Tuesday has arrived… and, so have many criminals who seek to exploit people’s sense of generosity.
Lohrman on Security
JULY 11, 2021
With a red-hot job market and great career prospects, more and more people want to know what they have to do to get a cybersecurity job — or better yet a career. Here’s my perspective
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Joseph Steinberg
JULY 8, 2021
Troy Hunt
JULY 13, 2021
I've spent more time IoT'ing my house over the last year than any sane person ever should. But hey, it's been strange times for all of us and it's kept me entertained whilst no longer travelling.
Schneier on Security
AUGUST 18, 2021
Apple’s NeuralHash algorithm — the one it’s using for client-side scanning on the iPhone — has been reverse-engineered. Turns out it was already in iOS 14.3,
Speaker: Dr. Karen Hardy, CEO and Chief Risk Officer of Strategic Leadership Advisors LLC
Join this exclusive webinar with Dr. Karen Hardy, where she will explore the power of storytelling in risk communication as a core component of a resilient organization's management framework!
Adam Shostack
MAY 15, 2021
The Colonial Pipeline shutdown story is interesting in all sorts of ways, and I can’t delve into all of it. I did want to talk about one small aspect, which is the way responders talk about Darkside. Blog posts from Sophos and Mandiant seem really useful!
The Last Watchdog
AUGUST 19, 2021
TMobile has now issued a formal apology and offered free identity theft recovery services to nearly 48 million customers for whom the telecom giant failed to protect their sensitive personal information.
Adam Levin
FEBRUARY 8, 2021
An Android app with over 10 million installations spread malware to its users in a recent update. Barcode Scanner is an app available in the Google Play store for Android devices. A December 2020 update infected users with a Trojan-style malware that bombards users with unwanted advertising.
Daniel Miessler
SEPTEMBER 12, 2021
This post will talk about my initial thoughts on The OWASP Top 10 release for 2021. Let me start by saying that I have respect for the people working on this project, and that as a project maintainer myself, I know how impossibly hard this is.
Speaker: Ryan McInerny, CAMS, FRM, MSBA - Principal, Product Strategy
This exclusive webinar with Ryan McInerny will teach you all about cryptocurrency and NFTs! Register to learn more about identifying crypto transactions, crypto asset market trends, managing risk and compliance, and supporting customers and partners using crypto-based payments.
Javvad Malik
FEBRUARY 11, 2021
First off, happy new year! Well if the tax man can start the new year in April, I can start it on Feb 11th!). Secondly, Infosecurity Magazine was ever so kind as to feature an interview with me in the Q1, 2021, Voume 18, Issue 1 edition.
Anton on Security
DECEMBER 21, 2021
As we discussed in “Achieving Autonomic Security Operations: Reducing toil” (or it’s early version “Kill SOC Toil, Do SOC Eng” ), your Security Operations Center (SOC) can learn a lot from what IT operations learned during the SRE revolution.
Krebs on Security
OCTOBER 4, 2021
Facebook and its sister properties Instagram and WhatsApp are suffering from ongoing, global outages.
Joseph Steinberg
JUNE 15, 2021
Major American banks and various other parties serving them are each spending $1 Billion per year on cybersecurity, according to Bank of America’s CEO, Brian Moynihan.
Speaker: Alex Jiménez, Managing Principal, Financial Service Consulting for EPAM
The largest banks have increased reserves for protection against deteriorating economic conditions. Should banks delay their digital transformation investments and focus on cost reductions? In this webinar, Alex Jiménez will walk us through that question and examine the prudent course of action.
Lohrman on Security
JULY 18, 2021
Global leaders want to carve out specific areas of critical infrastructure to be protected under international agreements from cyber attacks. But where does that leave others
Troy Hunt
DECEMBER 19, 2021
In the last month, there were 1,260,000,000 occasions where a service somewhere checked a password against Have I Been Pwned's (HIBP's) Pwned Password API. 99.7%
Schneier on Security
AUGUST 9, 2021
This is a really interesting story explaining how to defeat Microsoft’s TPM in 30 minutes — without having to solder anything to the motherboard.
Adam Shostack
FEBRUARY 15, 2021
Abhay Bhargav has a really excellent post on Better OKRs for Security through Effective Threat Modeling. I really like how he doesn’t complain about the communication issues between security and management, but offers up a concrete suggestion for improvement. Key quote: “Effective Threat Modeling by itself can ensure that your OKRs and AppSec Program are not only in great tactical shape, but also help define a strategic roadmap for your AppSec Program.”
Speaker: Elizabeth "Paige" Baumann, Founder and CEO of Paige Baumann Advisory, LLC
In this session, Elizabeth “Paige” Baumann will cover the Anti-Money Laundering Act of 2020, which also includes the Corporate Transparency Act. She'll take a deep dive into the catalysts that brought on the act, the current implications of the act, and what impacts the act has on the future of banking and finance.
The Last Watchdog
NOVEMBER 8, 2021
There’s no doubt, the increasing use of telemedicine, the explosion of health-based cloud apps, and innovative medical IoT devices are improving the patient care experience. Related: Hackers relentlessly target healthcare providers.
Adam Levin
JUNE 4, 2021
You would think that ExaGrid, a backup appliance and anti-ransomware service might know how to avoid ransomware, but it was hit. .
Daniel Miessler
MARCH 24, 2021
This post is an attempt to create an easy-to-use security model for the average internet user. Basically, how secure is someone’s current behavior with respect to passwords and authentication, and how can they improve? People like moving up rankings, so let’s use that!
Javvad Malik
NOVEMBER 3, 2021
I’ve seen VC’s fund many security and tech startups. Lots of the ideas are rubbish, so I’ve come up with my own ideas that aren’t rubbish so VC’s can fund me instead. Don’t steal any of my ideas or I will sue you! Take a human skull and 3D print an eyeball on it, add Linux to the inside where the brain would be. Website uses photo of person looking out from screen with windows environment running, call this cyberSURVIVOR.
Speaker: William Hord, Vice President of ERM Services
Join us as we discuss the various tangents of data and the change management process that will help you make better risk-based business decisions to save time and money for your organization.
Tech Republic Security
DECEMBER 14, 2021
Log4j is a serious vulnerability that has swept across the IT landscape quickly. Here's a single command you can run to test and see if you have any vulnerable packages installed
Krebs on Security
NOVEMBER 19, 2021
One of the more common ways cybercriminals cash out access to bank accounts involves draining the victim’s funds via Zelle , a “peer-to-peer” (P2P) payment service used by many financial institutions that allows customers to quickly send cash to friends and family.
Joseph Steinberg
JUNE 7, 2021
Every so often, I encounter an unusual technology device that so well solves a problem that I have encountered many times that I cannot imagine not adding the product to my arsenal of tools, even if it is not something that I would necessarily use every day. The Hushme is one such offering.
Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster
In this webinar, Ronald Eddings, Cybersecurity Expert, will outline the relationship between SaaS apps and IT & security teams, along with several actionable solutions to overcome the new difficulties facing your organization.
Expert insights. Personalized for you.
357 
Let's personalize your content