Secure DevOps at RSA: 6 takeaways for better app sec
Over 600 security and DevOps practitioners got together once again last week for the DevOps Connect track at the annual RSA Security Conference in San Francisco. Now in its third year, and with almost...
RSA reflections: ransomware and (the Internet of) things
I just got back from RSA, and with over 700 sessions during the conference, there was certainly no shortage of thought-provoking material on current and future cybersecurity challenges. For me, a...
Fewer Than One-Fourth Of Cybersecurity Job Candidates Are Qualified
ISACA report finds that 55% of security jobs take three to six months to fill, and under 25% of candidates are qualified for the jobs they apply for. Sobering news on the cybersecurity hiring front:...
EFF: Half of all web traffic is now encrypted
Encrypted web traffic has gone from a far-off dream from privacy advocates, to something we take for granted and hardly notice. That little green lock or "https" in front of a web address means your...
Why Small Businesses Need To Take Their Security Seriously
Hopefully, you’re not one of the small business owners that didn’t get the memo. Yes, it is true that your security is an important part of running a successful business. This isn’t supposed to be...
Writing successful bug submissions - Bug Bounty Hunter Methodology
This is the fourth post in our series: "Bug Bounty Hunter Methodology". Today's is a guest post from Scott Robinson, @sd_robs on Twitter and SRobin on Bugcrowd. Read on to learn how to write a...
SHA-1 Collision Spells the End for Old Algorithm
Engineers at Google have created the first SHA-1 collision, an achievement that should lay to rest any remaining doubts about the practical security of the hash function. Cryptographers and security...
10 Cyber Security Questions with Radware’s Pascal Geenens
Radware’s Pascal Geenens walks us through 10 questions regarding the cyber security threat landscape, trends in the Darknet, motivations for attacks, and much more. What is the defining trend for the...
Half of 2016’s phishing attacks aimed to steal money
Almost half (47.48 percent) of all phishing attacks in 2016 were aimed at stealing victims' money, and the number of financial phishing attacks increased by 13.14 percent, according to a new report. The...
Why agencies should work with security (Part 1)
Why it’s time for agencies to start working with security The main reason to add security to your offer is not that you will make more money, but because it is best for your clients. By adding security...
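Global Energy Interconnection Research Institute Is Hiring Information Security Engineers
The Global Energy Interconnection Research Institute (hereafter "the Institute") is a research unit directly under State Grid Corporation of China and the first high-end R&D institution in China dedicated to developing key technologies and equipment for the global energy interconnection. In the information security field, the Institute mainly works on the design of power-grid information security architecture and the development of key core security protection equipment and systems, and carries out research into information system penetration testing, vulnerability discovery, and monitoring and early-warning analysis techniques. It is also responsible for building and operating State Grid's "Information Network Security Key Laboratory" and the "National Energy Smart Grid R&D (Experimental) Center - Information Security Technology Sub-center"....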
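Full text of Zhou Hongyi's speech: a forceful defense of white hats, and his own account of studying viruses years ago
Leiphone editor's note: Today (February 23), at the third-anniversary celebration of the 360 Security Response Center, 360 chairman Zhou Hongyi set out his attitude toward white-hat hackers and his thinking on how to guide future cybersecurity talent. He called on companies to treat well-intentioned white hats with support and understanding, and called on the government to introduce policies that protect and encourage security talent such as white hats....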
Most hackers can steal data within 24 hours, study shows
More than eight in 10 hackers can break through cyber security defences, access IT systems they target and steal data within 12 hours, a study has revealed. However, the breach may not be discovered...
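米斯特 White Hat Training Lecture Notes (v2), Vulnerabilities: Weak Passwords, Brute Force, Enumeration
米斯特 White Hat Training Lecture Notes. Vulnerabilities: Weak Passwords, Brute Force, Enumeration. Instructor: gh0stkey. Compiled by: 飞龙. License: CC BY-NC-SA 4.0. Cause: Weak passwords have no strict or precise definition; a password is generally considered weak if it can easily be guessed by other people (who may know you well) or cracked by cracking tools. A weak password is one that contains only simple digits and letters, such as "123" or "abc", because such passwords are easily cracked by others. A brute-force tool can easily crack a user's weak password. Impact...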
Top 10 Must Have Self-Service BI Governance Capabilities
If self-service business intelligence initiatives are on your agenda, follow these 10 best practices for ensuring proper governance. More Data & Analytics Live at Interop ITX Although self-service...
IDG Contributor Network: 2 ways new security technology will change your life
Like water always flows through the path of least resistance, humans gravitate towards the most efficient ways of living. As a global community, our ability to quickly adapt to new methods and...
PCs still at risk from end-of-life programs
The latest software vulnerability report from Secunia Research at Flexera Software reveals that the average US private PC user has 75 installed programs on their PC, 7.4 percent of which are no longer...
From RSA, secrets of secure DevOps: Enable, educate, automate
Many security managers have experienced the stomach-dropping moment when they realize their systems have been breached. Zane Lackey, the founder and chief security officer of the agile development...
Hackers spam Counter-Strike: Global Offensive to spotlight security flaws
Gamers logging on to Valve’s popular first-person shooter, Counter-Strike: Global Offensive (CS:GO), earlier this week found themselves confronted by a rather aggrieved and aggressive wall of text...
Wrangling Data Risk: Discovery, Detection, and Protection
RSA Week is that hallowed time of the year when every security professional seeks to learn and discover the latest technology and tricks of the trade that allow them to be more efficient at their jobs....