One of the first things to catch my eye this week at RSA was a press release by STEALTHbits on their latest Data Governance release. They’re a long time player in DG and as a former employee, I know them fairly well. And where they’re taking DG is pret…
RSA Conference 2014
I’m at the RSA Conference this week. I considered the point of view that perhaps there’s something to be said for abstaining this year but ultimately my decision to maintain course was based on two premises: (1) RSA didn’t know the NSA had a backdoor w…
80% of SOHO Routers Contain Vulnerabilities
It has become increasingly obvious in recent months that routers are being targeted by attackers – even the NSA uses this attack vector as part of its Quantum Injection program. Now a new survey suggests that as much as 80% of the best-selling SOHO rou…
ISACA Issues First COBIT 5 Audit Programs
Global IT association ISACA has issued the first of more than 30 audit programs that will align with the COBIT 5 business framework, which helps enterprises govern and manage their information and technology.
Tinder App Allowed Users to Precisely Locate Others
Tinder is a very popular mobile dating app. It is designed to allow people to ‘meet’ virtually before deciding whether they would like to meet for real. Unfortunately, Tinder has a history of allowing one user to physically locate another, even if the …
96% of Applications Have an Average of 14 Vulnerabilities
The latest Cenzic report on application vulnerability trends shows that things aren’t getting any better. All software has bugs, and almost all of them have bugs that are security vulnerabilities. In fact, on average, they have 14 separate vulnerabilit…
96% of Applications Have an Average of 14 Vulnerabilities
The latest Cenzic report on application vulnerability trends shows that things aren’t getting any better. All software has bugs, and almost all of them have bugs that are security vulnerabilities. In fact, on average, they have 14 separate vulnerabilit…
Microsoft Pays Another $100K Bug Bounty
Microsoft has paid out its second $100,000 bug bounty since launching its reward program in mid-2013. The award brings total payouts for the program to $253,000 in under a year.
Zeus Trojan Now Hiding in Plain Sight – Using Pictures
A new variant of the notorious Zeus banking trojan is making the rounds, with a new approach that uses steganography, a technique that allows it to disguise data inside of an existing file without damaging it.
Scariest Search Engine on the Internet Just Got Scarier
CNN Money described Shodan as “The scariest search engine on the Internet.” Forbes called it a “terrifying search engine.” Unlike Google, Shodan searches for internet-connected devices (which could have known vulnerabilities) rather than information. F…