Wireshark is a must-have (and free) network protocol analyzer for any security professional or systems administrator. It's like Jaws, only for packets.
Stories by J.M. Porup
Penny-wise, pound-foolish: Letting old domain names expire might save a few bucks a year, but lets attackers register your old domain and pretend to be you.
Defenders find this simple tool valuable for finding vulnerable devices attached to the web that need to be secured.
With XSS, attackers enter malicious code into a web form or web app URL to trick the application into doing something it's not supposed to do.
A massive internet blackout similar to the Dyn DNS outage in 2016 could easily happen again, despite relatively low-cost countermeasures, according to a new study out of Harvard University.
SQL injection attacks are well-understood and easily preventable, and the priority for risk mitigation should be preventing SQL injection attacks in the first place. Listen to Little Bobby Tables and sanitize your database inputs.
Shiny buttons that go "ping!" considered harmful.
Qubes OS defends at-risk enterprise users from targeted attacks, as well as drive-by malware and the Meltdown exploit.
To few eyeballs on code is a security issue. Can FreeBSD, OpenBSD, and NetBSD survive?
Humans make irrational decisions under pressure. Security training needs to focus on changing behavior, not just raising awareness. Using effective analogies can help.
You need to apply Meltdown and Spectre patches to pretty much everything in your enterprise. And you need to start now. We help you prioritize.
AWS's new GuardDuty and Macie offerings unleash the power of machine learning to secure your data. Are they right for your enterprise?
Some information security insiders raised a red flag when Russian requests to review security software code became known. The controversy may be a tempest in a teapot.