Collaborate Disseminate
A noted Google developer has discovered a troubling flaw in a popular password manager that Windows 10 installs by default. Hackers could get their hands on user passwords via clickjacking and/or malicious code-injection techniques. Google Project Zero… Continue reading Leaky Windows 10 password manager allows hackers to steal your data
There’s been a continuous increase in the use of Machine Learning but, despite the recent hype, the technology is not new. While researchers have been playing with artificial neural networks from as early as the 1950s, machine learning is no… Continue reading Limitations of Machine Learning algorithms in malware detection
漏洞概要 以下安全公告描述了QNAP QTS的一个内存损坏漏洞,成功利用该漏洞… Continue reading SSD安全公告-QNAP QTS未经认证的远程代码执行漏洞
Is your security workflow backwards? Curious what I could be talking about here? Have a look at my latest DarkReading piece where I discuss this important question: https://www.darkreading.com/risk/is-your-security-workflow-backwards-/a/d-i… Continue reading Is you security workflow backwards?
Do you want to live with a big rock, a fancy dog, a tailored suit, or a flexible ecosystem? In other words, what’s the best way to procure cybersecurity technology? That sounds like a trick question, but it isn’t. While most cybersecurity p… Continue reading The Best Way to Procure Cybersecurity Technology
2017 was a busy year full of malware attacks and data breaches. Yes, these events caused (at least) their fair share disruption and damage. But as the year draws to a close, our attention should move beyond those immediate consequences in an effort to … Continue reading A Look Back at 2017 — Digital Security Lessons Learned
We want more of the CIA Triad. No, this has nothing to do with the US government agency. It stands for “confidentiality, integrity, and availability.” What it alludes to is the idea of protecting access to privileged information (confidenti… Continue reading Foundational Controls that Assure Integrity
Deception technologies, over the last three-ish years, have come into vogue; with more than a dozen commercial vendors and close to a hundred open source products available to choose from. Solutions range from local host canary file monitoring, through… Continue reading Deception Technologies: Deceiving the Attacker or the Buyer?
I know some folks had a bit of fun with the previous post since it exposed the fact that I left out unique MQTT client id generation from the initial 0.1.0 release of the in-development package (client ids need to be unique). There have been some serio… Continue reading mqtt Development Log : On DSLs, Rcpp Modules and Custom Formula Functions
Permalink
The post DerbyCon 2017, Eric Conrad’s ‘Introducing DeepBlueCLI v2 Now Available In PowerShell And Python’ appeared first on Security Boulevard.
Continue reading DerbyCon 2017, Eric Conrad’s ‘Introducing DeepBlueCLI v2 Now Available In PowerShell And Python’