Researchers at the Black Hat 2015 conference this week will show how to crack Internet routing protocols, malware-detecting honeypots, radio-frequency ID gear that gates building access, and more, but also offer tips on how to avoid becoming victims to their new attacks.
Tim Greene | 01 Aug | Read more
Security researchers have long known about the vulnerabilities of the RFID readers that many buildings use instead of door locks, but facilities managers have been slow to upgrade to more secure systems.
Maria Korolov | 28 Jul | Read more
If we look at the headlines surrounding recent data breaches, we might conclude that the role of the chief information security officer (CISO) has never been more critical to the success and sustained well-being of an organization. As a by-product of this statement, we also might surmise that the information security organization and where it reports into is also important. This is probably why every recent CISO event includes a conversation about where the CISO and information security program should reside within an organization. The challenge is that however healthy the debate, the question about where the CISO and his/her department should report generally ends with, 'it depends'. To shift from a debate to productive action, maybe the question is not where should the CISO report into [<a
By Brian Engle | 29 Oct | Read more
Vulnerabilities found in remote management software that carriers insist be installed on smart phones and other mobile-enabled devices they sell are likely to put many devices at risk of compromise for some time to come.
Lucian Constantin | 08 Aug | Read more
There is a scene in HBO's adaption of Game of Thrones where a character counsels the king to dismiss the rising power of one of his rivals because "curiosities on the far side of the world" are no threat. A season later, that rival has three dragons and an army under her control.
Jason Clark | 25 Jun | Read more
Accuvant's Ryan Smith talks about disclosure, bounty programs, and vulnerability marketing with CSO, in the first of a series of topical discussions with industry leaders and experts.
Steve Ragan | 29 Jun | Read more
Physical perimeter security can differ from facility to facility, with myriad factors playing into what exactly is implemented, including budget and the assets that are being protected.
Grant Hatchimonji | 24 Jun | Read more