TORONTO – The security business is full of different terms and methodologies for describing the threat model. In a presentation at the SecTor conference this week, Chris Pogue, director of…
Every security researcher dreams of the day they can find one master vulnerability that acts like a skeleton key to unlock an entire system. Jeff Forristal, aka Rain Forest Puppy,…
Jeremiah Grossman, founder and CTO of Whitehat Security, has seen a lot of different types of security attacks in his time. He knows the most common types of attacks aren’t…
Secure Sockets Layer/Transport Layer Security is the foundational technology that secures Web transactions and communications, but it is not infallible. New research dubbed Lucky13 reveals that SSL/TLS is at…
In the beginning of the virus era, computer users were introduced to the concept of signature-based anti-virus scanners. It’s an idea whose time may well have come and gone. “Since…
The Metasploit penetration testing framework has always been about finding ways to exploit IT, in an effort to improve defense. The new Metasploit 4.5 release from security vendor Rapid7 goes…
TORONTO – For the last 35 years, Star Wars has been the cornerstone of mainstream and geek cultural awareness. While Star Wars is a piece of dramatic fiction, many have…
As users have moved more of their activities to the Web, fraudsters have followed, devoting more of their attention to creating security threats based on Web applications. The shift from…
In the modern world of web development, there are a set of new and emerging specifications sometimes grouped under the moniker HTML5. One of those specifications is the WebSocket API,…
LAS VEGAS. For the last decade, Apache web server users have been able to benefit from the open source ModSecurity Web Application Firewall (WAF). At the Black Hat security conference…
Subscribe to Cybersecurity Insider for top news, trends & analysis