SophosLabs has uploaded a new security awareness video that is really well done. In two minutes you can teach your users How to pick a proper password. This is one video all of your users should see.
The Critical Security Controls focus first on prioritizing security functions that are effective against the latest Advanced Targeted Threats, with a strong emphasis on "What Works": security controls where products, processes, architectures and services are in use that have demonstrated real-world effectiveness. The actions defined by the Controls are demonstrably a subset of the comprehensive catalog defined by the National Institute of Standards and Technology (NIST) SP 800-53.
This is a magazine published in Egypt and it has great content. The magazine is totally free and you don't need to go through registration and loops to get it, simply click on the link and download it. The way it should always be.
A short video interview made by SecureNinja TV at Defcon this year. Alicia Webb speaks with Blackphone CSO Dan Ford about the company's new phone and its security features, and he gives SNTV a demo of how the custom Android-based PrivateOS and custom hardware work together.
A cram study guide is a summary of all ten domains in only about 35 to 60 pages. It is an essential read the night before the exam to go over all of the key points you must remember for your exam. See below some of the best Cram Guides contributed over time.
CompTIA, the leading provider of vendor-neutral skills certifications for the world’s information technology (IT) workforce, today introduced a new version of its CompTIA Security+ exam. The new exam (SY0-401) is available immediately worldwide in an English language version. German and Japanese language exams will be introduced in the coming months.
Great presentation on DNS from Defcon done by Robert (Rob) Stucke.
See the attachment below for a few graphics and spreadsheets showing the total number of CISSPs per country worldwide, as well as other certs maintained by ISC2. As of this message there is a grand total of 94,041 CISSPs around the world.
A Rhode Island hospital must pay $150,000 after a data breach compromised more than 12,000 Massachusetts residents' personal information.
Today I have added multiple entries with errors that I have discovered within the Cryptography domain of the official book. Some of them are REAL BAD and plain wrong. I was surprised to see this.
Government and business are under constant cyber attack and must learn to "take the hit," says the director of a new cybersecurity training programme.
In this article you will find a short list of some of the leading books you can use to help you learn the content of the CBK®.
Writing passwords in clear text on a sticky note is bad; showing passwords in public media is even worse. See this behind-the-scenes photograph of the World Cup security centre in Brazil, as published by local news outlet Correio Braziliense.
My friend Sid has some very interesting training for people who wish to learn more about Application Security.
I received an email from Qualys with some FREE security tools they offer. They are really worth a look.
Another nice video from Sam Bowne showing how a Fortigate 30D is affected by an RA Flood.
Great video by Marc Heuser on the insecurities of IPv6. A must-watch for all.
This publication addresses the engineering-driven actions necessary for developing a more defensible and survivable information technology (IT) infrastructure.
Videos and information on how to use the HEISC security assessment tool for higher education.
This free spreadsheet tool from Educause can help identify gaps in a college or university security profile and kick-start a security conversation on campus.