• Why Kevin Mitnick Missed a Golden Opportunity to Advance the Profession, and Why I Am Angry About It

    | August 19, 2011 | Comments (0)

    Today, I am a little off-center, and some have questioned why I have so much venom in my words on Twitter regarding Kevin Mitnick. Since explaining my actions in 140 character morsels is less than effective, I thought that I would take some time and explain my rationale. For starters, I do not have a [...]

  • DerbyCon – Louisville, Kentucky: September 30th – October 2nd, 2011

    | August 3, 2011 | Comments (0)

    I am getting excited about this conference. Even though it is in its first year of existence, DerbyCon has the potential to be the premier conference East of the Mississippi River this fall. Organized by my friends Dave Kennedy (ReL1K), Martin Bos (PureHate), Adrian Crenshaw (IronGeek), and Nick Hitchcock (nick8ch), the event has lined up some of [...]

  • A Wish List for Vulnerability Scanners

    | August 3, 2011 | Comments (0)

    Today, I am going to switch gears a little bit regarding my blog entries, and take a look at vulnerability scanners from an end user perspective. As you are no doubt aware, there are several to choose from. Rather than pander to a specific product, I would like to keep it general and list out some of [...]

  • Where is the motivation to innovate?

    | July 11, 2011 | Comments (0)

    As security practitioners, we are used to the notion of keeping our heads barely above water. Information Security is a thankless game, where our greatest success is when we remain at zero. If we succeed (or are succeeding), nobody notices. If we fail, everybody sees it or hears about it. The pressure to perform is [...]

Researchers turn to nature to fight cyberattacks

| February 20, 2012 | Comments (0)

By Camille Tuutti

A team of computer science researchers is taking cues from nature to address one of the nation’s most urgent threats: cyberattacks. Research from 2011 shows that cyberattacks on government network systems increased almost 40 percent, and experts have declared digital intrusions as one of the top national security concerns. The Wake Forest University faculty-student [...]

The Changing of the Guard for Information Security Executives?

| November 1, 2011 | Comments (0)

(Full disclosure: This article firmly plays to my personal skill sets and career progression. Wherever possible, I have attempted to correct for my own bias) There has been a great deal of swirl lately regarding the topic of Chief Information Security Officers and what skills and/or qualifications are needed to position the organization for the [...]

Correcting Cognitive Dissonance in Reactions to Information Security Presentations

| October 26, 2011 | Comments (0)

I have recently attended a number of information security presentations. I honestly admire a presenter’s willingness to state a position in a public construct, regardless of whether I agree or disagree with the position or contents of the presentation. I will be honest… I have seen good presentations (watch Johnny Long’s Hackers for Charity Update at [...]

Hack3rcon II – Charleston, West Virginia – Oct. 21 – 23

| October 5, 2011 | Comments (0)

I was at the inaugural Hack3rcon last year, and had an absolute blast. The quality of the speakers was fantastic, and this year they are raising the bar again. Dave Kennedy (R3L1k), Martin Bos (purehate), Adrian Crenshaw (Irongeek), Keith Pachulski (Sec0ps), and Boris Sverdlik (JadedSecurity), as well as a number of other established security professionals [...]

Why do we continually blame the “user” for a lack of security awareness? – A Polite Rant

| October 5, 2011 | Comments (0)

Why do we continually blame the “user” for a lack of security awareness? Coming back from one of the most successful information security conferences in quite some time, it was difficult (but not impossible) to find something that needed improvement. I was confused and disappointed in the number of presentations that I attended that made [...]

Is your organization overlooking the total cost of offshoring?

| September 18, 2011 | Comments (0)

This morning I was reading a new report that seems to have provided additional evidence of some of my suspicions regarding the total cost of offshoring decisions for information technology initiatives. Written by the Intelligence and National Security Alliance, the new report suggests (while in the context of the U.S. Government) that there may be hidden consequences [...]

Feedback From Social-Engineer.org Podcast with Kevin Mitnick

| September 16, 2011 | Comments (0)

This morning, I was listening to the Social-Engineer.org podcast with a special interview with Kevin Mitnick. It has been suggested that I was trolling Kevin, that I had a personal problem with Kevin, or that I hated Kevin and/or was jealous of him. This is simply not accurate. In my blog post, I state that, “Unfortunately, some people [...]
