Five Reasons CISOs Should Keep an Open Mind About Cryptocurrencies
Far from a dying breed, cryptocurrencies are not only evolving but being accepted in countless new markets. CISOs need to know the ins and...
Where Do Vulnerabilities Come From?
Vulnerabilities are an emergent property of modern software’s complexity, requested features, and the way data inputs are handled. - Read more
The Hunt for IoT: The Rise of Thingbots
With “thingbots” now launching Death Star-sized DDoS attacks, hosting banking trojans, and causing physical destruction, all signs point to them becoming the attacker infrastructure...
RSA in a “Pre-Post-Quantum” Computing World
Quantum computing is coming. What should your strategy be today to deal with what’s on the horizon? - Read more
From NSA Exploit to Widespread Ransomware: WannaCry Is on the Loose
The new EternalBlue NSA exploit is powering a wave of virulent ransomware sweeping across Europe. - Read more
The Hunt for IoT: The Networks Building Death Star-Sized Botnets
With a growth rate of 1,473% in 2016, the hunt for vulnerable IoT devices rages on... - Read more
Achieving Multi-Dimensional Security through Information Modeling – Part 1
Information modeling blends lateral thinking and deductive logic. Applied to information security, it’s a powerful technique for designing a security architecture with multi-dimensional controls...
The Conflicting Obligations of a Security Leader
Faced with competing pressures, CISOs are ultimately the experts at assessing what’s truly at stake in their organizations. - Read more
Application Threat Intelligence: What Do CISOs Need?
I’ve mentioned before how important strong risk management is to a CISO. When it comes to risk, the applications our users depend on are...
DDoS’s Newest Minions: IoT Devices (Volume 1)
The latest evolution of cyber weapons is brought to you by the default passwords in Internet of Things (IoT) devices. - Read more
Latest article
Hackers Use Six-Layer Persistence to Maintain Access on Compromised FreePBX Systems
A hacker group known as INJ3CTOR3 has been running an active campaign against FreePBX systems, deploying a newly discovered PHP webshell called JOMANGY that...
Metasploit Wrap Up 05/22/2026
Another week, another authentication bypassOur humble Metasploit weekly(ish) blog has been blessed with a new network component vulnerability. The dynamic duo of @sfewer-r7 and...
FBI warns of Kali Oauth stealers
The FBI has warned of the danger from a new wave of phishing attacks generated by a tool called Kali365....
Microsoft Warns: Windows Zero-Day ‘YellowKey’ Can Bypass BitLocker
Microsoft has released a temporary mitigation for YellowKey, a Windows zero-day that can reportedly bypass BitLocker protections.
The post Microsoft Warns: Windows Zero-Day ‘YellowKey’ Can...
