A Physical Solution to a Software Problem
Thinkst is a small security organisation and one of its members recently published a post on their blog regarding the security of an encrypted USB drive. One of his friends lost the password to his USB...
Wipe out/Factory Reset some Android’s phones
According to this FRENCH WEBSITE, a major security vulnerability has been disclosed at the Ekoparty 2012 Security Conference which affects some Android handsets. It is possible to reset those...
Distributed Credential Protection
RSA recently announced their Distributed Credential Protection (DCP) technology which should help address the impact of password leakage/theft when the system where they are stored gets compromised....
Old tricks will always work…
There is something about deception: it can bypass a lot of security controls through a very basic principle, making you believe in something that isn’t there. It is a bit like magic. Like this...
Is that the holy grail for critical systems?
Kaspersky Lab just announced they are working on their own Operating System for critical systems. This is something that is increasingly needed, but is Kaspersky the entity best suited to produce such...
Security Onion and seeing through HTTPS
Security Onion is an Open Source Linux distribution that makes deploying an IDS/NSM a very easy task indeed and I highly recommend you try it at home. Especially since you can do everything in a VM…...
Boxcryptor, a great tool to secure your cloud storage solution.
I made my feelings very clear about the use of Dropbox in the enterprise, through a previous post. I still believe Dropbox and other similar cloud storage solutions such as Google drive or Sky Drive...
Is there a bug with McAfee
There is something quite surreal with what is happening with John McAfee, the author of the popular McAfee Antivirus, who is rich, lives in Belize and has recently been accused by the authorities to...
SANS 575: Mobile Device Ethical Hacking Review
In the last two years I have been to a few SANS training courses: 508: Advanced Forensic; 617: Wireless Ethical Hacking; 660: Advance PenTest. Last week I attended the SANS 575: Mobile Ethical Hacking...
Mobile devices security, history repeating itself: Harder, Faster, Stronger...
Following up on my SANS 575: Mobile Device Ethical Hacking course review, below is my take on the current state of Mobile Devices security. First, let me define what I mean by mobile devices:...
A new iOS 6.1 hack
As seen on the Hacker news, there is currently a way to bypass the iPhone lock screen (iPad with SIM too?) running iOS 6.1.x. I had to change the steps listed in “The Hacker news” slightly for it to...
Evernote hacked, an early warning for the Cloud Storage storm coming?
In recent years I have written various articles warning of the risk related to uncontrolled usage of cloud storage solutions in the corporate world. Evernote is a popular online note storage solution...
A story about Password – The Wrong Formula
In this article I will first talk about some misconceptions as to what is considered a secure password and then about how you can leverage different technologies to help you with all your passwords. In...
iOS7 and Mavericks Security
There is an interesting article HERE that describes the new security features of iOS7 and Mavericks. It also asks some interesting questions that still need answering.
The right (way) to disclose vulnerabilities
An article was discussed last month in The Guardian and The BBC explaining how a research paper from the University of Birmingham had been barred by a judge from being published because it discussed...
Mobile Device Management Limitations
Current MDM frameworks, unless using some kind of container approach, will always play catch-up to hackers wanting to bypass the controls enforced on their phones, as highlighted in the following...
New iPhone 5S Fingerprint reader, a step in the right direction!
Apple has just announced two new models of iPhones, one of which is the iPhone 5S which comes with a fingerprint reader. Like others I believe this is no silver bullet, but it is a step in the right...
Using a phone as a keylogger, next it will be a smartwatch!
There is an interesting paper from Georgia Tech College describing a clever proof of concept where a phone is used to eavesdrop on keystrokes. This is done by leveraging the phone's motion sensor...
A new look
It seems I refresh the look of this website every 3 years and 3 years was up so here is the new look :) I decided to go with a slick, low maintenance theme. It has also been a few months since I updated...
Apple Security in the Enterprise
There is a good document from the UK government describing the different security features available in Apple Mac OS X 10.8 and the ones you should consider if using a Mac as an enterprise end point:...