Last month, the popular online publication TechDirt published an article based on Golden Frog’s filing with the FCC that urged the commission to truly restore an Open Internet. A key portion of the article focuses on how we noticed that ISPs and wireless broadband providers can block encryption technologies if they desire.
I hate #$#*%^# spammers who creates an account only to post junk within our forums and all over the site. I need you help in reporting such abuse. If you see any strange posting for product, drug, or male enhancement drugs. Let me know.
Today we have done a major upgrade on our quiz engine at https://www.freepracticetests.org/ to better simulate the real exam interface you will get on the real test.
The role of nation-state actors in cyber attacks was perhaps most widely revealed in February 2013 when Mandiant released the APT1 report. Today we release a new report: APT28: A Window Into Russia’s Cyber Espionage Operations? This report focuses on a threat group that we have designated as APT28. Our report details additional information exposing ongoing, focused operations that we believe indicate a government sponsor based in Moscow.
BadUSB vulnerability is considered one of the worst IT vulnerabilities ever found.
Discovered a few months ago, this big security hole affects the way USB devices communicate with an operating system.
BadUSB is a major security flaw that allows online criminals turn a simple USB device, for example a keyboard, into a means of sending malicious commands from the user’s computer to trigger an action or contact a server controlled by hackers.
A great article from Sophos Naked Security Blog. It is a must read to understand, yet another SSL vulnerability. You will also see why learning a bit more about crypto is necessary to understand such attack. It does bring the knowledge you learned in the Cryptography domain to good use.
Today is a VERY sad day. I have just learned that my good friend and confident Shon Harris has passed away. The world of information security has just lost a great lady who helped thousands in their career. She was a close friend and I will miss her greatly.
Over the past year and even more frequently over the past weeks, we have seen multiple merchants having compromises of Credit Card number. The thieves are getting smart, they go after the common denominator which is the Point Of Sale (POS) software. Why bother compromising one company when you can compromise hundreds instead. See a very interesting article on the subject.
Bridging the Air Gap is a Ministry of Defence (MoD) sponsored research into the assurance of Cross Domain Solutions(CDS); to discover and examine the possible impact and exposure implications of establishing, operating and managing highly classified systems that are operationally required to multilaterally, multilevel interface with lower classified domains, coalition networks and possibly the Internet.
We now have a full set of MP3 files for all of the Domains of the CISSP certification.
The forums on the site are accessible to all members, even non paying members. This is where you can ask questions and get answers quickly. You can also subscribe to the forums you like to get an email when an answer is provided.
Software Development security is an important domain on the exam. Lack of knowledge and involvement of Security in the SDLC is one of the main cause of the issues we have today with enterprise software. Look at this great article from Jeff William telling you HOW to do it properly and giving you great link to learn more.
Here is the release of my Physical Security CBT, it is 2 Hours and 35 Minutes of training. It is the most thorough tutorial and the best tutorial you will find to get ready for the CISSP exam.
Here is the release of my Operations Security CBT, it is 2 Hours and 3 Minutes of training. It is the most thorough tutorial and the best tutorial you will find to get ready for the CISSP exam.
Here is the release of the Legal, Regulations, Compliance, and Investigations CBT, it is 2 Hours of training. It is the most thorough tutorial and the best tutorial you will find to get ready for the CISSP exam.
Here is the release of my Software Development Security CBT, it is 52 Minutes of training available. It is the most thorough tutorial and the best tutorial you will find to get ready for the CISSP exam. This is Part 2 of 2.
Another student who has passed their CISSP exam on the first trial using our resources and my recommended steps.
SophosLabs has uploaded a new security awareness video that is really well done. In two minutes you can teach your users How to pick a proper password. This is one video all of your users should see.
A nice tutorial on Assembly Language