ForAllSecure

FEBRUARY 23, 2021

They focus on the physical aspects-- some might say glamorous side -- of the job. Much less exciting, perhaps, but that’s only because Hollywood choses to focus only on the physical and not really get into the digital side. There’s plenty of work in the digital realm, important work. But that’s okay.

Penetration Testing 52

Penetration Testing InfoSec Cyber Attacks Education 52

Security Boulevard

JANUARY 18, 2024

Beyond the expected, we must also keep watch for the unpleasant surprises that can severely disrupt the security, trust, and capabilities of our digital world. Beyond the expected, we must also keep watch for the unpleasant surprises that can severely disrupt the security, trust, and capabilities of our digital world.

Risk 115

Risk Cybersecurity CISO Technology 115

McAfee

DECEMBER 1, 2021

For all our newcomers, welcome to the Advanced Threat Research team’s monthly bug report – a digest of all the latest and greatest vulnerabilities from the last 30-ish days based on merits just a tad more nuanced than sorting NVD by “CVSS > 9.0.” Your Cybersecurity Comic Relief . Why am I here? . What is it? .

DNS 90

DNS Firewall VPN Internet 90

Pen Test Partners

OCTOBER 9, 2023

Introduction This guide deals with threat modelling and early stages of development so that security issues and controls are identified before committing to manufacturing. Current attack methods, and the pitfalls we find in embedded designs, have been highlighted so that a finished product is as secure as it can be.

IoT 52

IoT Firmware Mobile Manufacturing 52

eSecurity Planet

DECEMBER 7, 2023

Proper use of encryption preserves secrecy and radically lowers the potential damage of a successful cybersecurity attack. The two most important encryption categories are symmetric and asymmetric encryption. Encryption scrambles data to make it unreadable to those without decryption keys. Definition, How it Works, & Examples.

Encryption 101

Encryption Authentication Passwords Password Management 101

CyberSecurity Insiders

SEPTEMBER 21, 2021

While OT devices have been in commercial use for more than 50 years, a complete transformation has occurred, changing the way we operate, interact with, and secure the OT environment. Threats that impact OT operations are not the same as those that impact IT environments, thus the required security tools and operating policies are different.

Energy and Utilities 101

Energy and Utilities Threat Detection Manufacturing Technology 101

LRQA Nettitude Labs

AUGUST 30, 2023

This article provides a technical analysis of Zenbleed , a side-channel attack affecting all AMD Zen 2 processors. Tavis Ormandy reported this vulnerability to AMD on 15 May 2023 and it was assigned CVE-2023-20593. red unlock) and internals (e.g. microcode structure), and a greater share of the server market at the time.

Firmware 52

Firmware Architecture Accountability Backups 52

Spinone

MARCH 20, 2019

This is especially true in the world of security. The best security defenses can be totally compromised by a single individual making the wrong decision, either accidentally or knowingly. The best security defenses can be totally compromised by a single individual making the wrong decision, either accidentally or knowingly.

Security Awareness 70

Security Awareness Wireless Ransomware Passwords 70

Cisco Security

AUGUST 28, 2023

The Black Hat Network Operations Center (NOC) provides a high security, high availability network in one of the most demanding environments in the world – the Black Hat event. We also provide integrated security, visibility and automation: a SOC (Security Operations Center) inside the NOC, with Grifter and Bart as the leaders.

Wireless 68

Wireless DNS Mobile Technology 68

ForAllSecure

MAY 26, 2022

The US Justice Department says it will no longer prosecute good-faith security researchers, but what constitutes good-faith security research? It was what the kids today would call an advanced persistent threat. Vamosi: Only for some, the threat of going to prison was too much. Is hacking a crime? Vamosi: Hackers.

Hacking 52

Hacking Technology InfoSec Media 52

SecureList

NOVEMBER 14, 2023

Advanced persistent threats (APTs) are the most dangerous threats, as they employ complex tools and techniques, and often are highly targeted and hard to detect. In January, ESET discovered a new wiper, deployed in an attack in Ukraine via the Active Directory GPO. A review of last year’s predictions 1.

Hacking 102

Hacking Energy and Utilities Media Malware 102