My thoughts on the Ashley Madison breach from my interview with Sky News
Whether he’s state sponsored, a lone hacktivist or part of a criminal syndicate, this is the man that will breach your fortress and steal your crown jewels.
We like to think we care about security. In fact we’re paid to care. But in reality we just don’t. And why would we?
PRESS RELEASE: Cognition Launches Insight Vulnerability Management as a Service Powered by Industry Leading WhiteHat Sentinel London, UK – April 27, 2015 – Cognition (cognitionsecure.com), the specialist cyber security integrator today announced the release of its ‘Insight’ service, bringing Vulnerability Management
Within the Infosec community, the role and value of IPS (Intrusion Prevention Systems) has been widely debated for a long time. What was originally seen as a brilliant new technology, coming along to bolster the ever weakening perimeter, is swiftly
Data breaches are a scary thing, especially when you’re directly affected. In recent times their growing number has brought IT Security headlines to the front page of every newspaper and a newfound consumer awareness of the concept of data security.
Name: POODLE – “Padding Oracle On Downloaded Legacy Encryption” Threat Type: Attack Severity: 5 Target: SSL v3 Release Date: 14th October 2014 Attack Surface: Small/Medium – Use of SSL v3 is being phased out in favour of TLS. Summary: Network
When we look at the world around us, everything can seem pretty much complete. And Security technology is no different. You’ve got your firewalls, email filters, proxies, desktop AV and a myriad of other controls you know you’ve just “got”
Today was a big day in the exciting world of authentication, with Google announcing support for hardware tokens as part of their “2 Step Verification” logon process. Specifically, Google now support U2F tokens (Universal 2nd Factor), a small hardware token
Name: CVE-2014-6321 / MS14-066 Threat Type: Vulnerability Severity: 10/10 Target: All unpatched versions of Windows Release Date: 11th November 2014 Attack Surface: Huge – every version of Windows is vulnerable. Summary: A privately reported vulnerability in the Microsoft Secure Channel (Schannel) security package