Collaborate Disseminate
Earlier this year, we faced a growing volume of infections related to a vulnerability in outdated versions of the Newspaper and Newsmag themes. The infection type was always the same: malicious javascript designed to display unauthorized pop-ups or co… Continue reading Javascript Injection Creates Rogue WordPress Admin User
Metrics are critical for measuring and expanding an application security program. And there are a lot of important numbers you need to track to gauge your program’s progress, but sometimes you need one number that sums up your progress. Executiv… Continue reading When You Need to Report a Single AppSec Metric: Our Recommendation
Where I preach for a minute: The stuff of work for a knowledge worker is not information, it is interaction. This is because information is the result of interaction – interaction is more fundamental than information and I think this is crucial t… Continue reading On the Primacy of Interactions
Through the end of 2016 and throughout 2017 multiple Mirai based botnets targeted multiple Akamai customers. The very first Mirai attack however was a multi-day barrage, weighing in at a peak of 620/Gbps that sent shockwaves across the Internet. The s… Continue reading Akamai, Mirai, & The FBI
Example multidimensional data plot from https://commons.wikimedia.org/wiki/File:Scatter_plot.jpg
In this article I’ll describe some of the design challenges and thought processes I go through when solving a common “entity list” design… Continue reading How-to nail data viz design for multidimensional data (Part 1)
The Problem with Active Directory Since it was introduced in 2000, Active Directory has become the most critical application for the majority of enterprises. The problem is, that in the almost two decades since it was released, the enterprise security … Continue reading Attacking Active Directory: Tools and Techniques for Using your AD Against You
The digital world of Bitcoin is ablaze with profit, speculation, and potential riches for all – unfortunately, scammers are in on the action and will stop at nothing to relieve the unwary of their digital fortunes. From the oldest tricks in the bo… Continue reading There’s a hole in my bucket: Bitcoin scams aim to exploit volatile market
Permalink
The post DerbyCon 2017, Lee Christensen, Matt Nels & Wil Schroeder’s ‘An ACE in the Hole: Stealthy Host Persistence Via Security Descriptors’ appeared first on Security Boulevard.
Continue reading DerbyCon 2017, Lee Christensen, Matt Nels & Wil Schroeder’s ‘An ACE in the Hole: Stealthy Host Persistence Via Security Descriptors’
Via the jaundiced eye(s) of Nitrozac and Snaggy at The Joy of Tech®.
Permalink
The post The Joy of Tech®, ‘The Ads Are Snitching On Us’ appeared first on Security Boulevard.
Continue reading The Joy of Tech®, ‘The Ads Are Snitching On Us’
A Summer to Forget for the Healthcare Industry While we’re amidst the throes of winter, when it comes to cyber security, one industry is happy the summer is long over. It was a pretty bad summer for the healthcare industry and email security and … Continue reading Do You Know What Healthcare Did Last Summer?