Writing passwords in clear text on a sticky note is bad; showing a password in public media is even worse. See this behind-the-scenes photograph of the World Cup security centre in Brazil, as published by local news outlet Correio Braziliense.
My friend Sid has some very interesting training for people who wish to learn more about Application Security.
I received an email from Qualys with some FREE security tools they offer. They are really worth a look.
Another nice video from Sam Bowne showing how a Fortigate 30D is affected by an RA Flood.
Great video by Marc Heuser on the insecurities of IPv6. A must-watch for all.
This publication addresses the engineering-driven actions necessary for developing a more defensible and survivable information technology (IT) infrastructure.
Videos and information on how to use the HEISC security assessment tool for higher education.
This free spreadsheet tool from Educause can help identify gaps in a college or university security profile and kick-start a security conversation on campus.
Cryptolocker is a preventable attack with some Security Awareness training.
NIST has released the final version of its Cyber Security Framework.
New federal rule requires banks to fight DDoS attacks
The Administrative Simplification provisions of the Health Insurance Portability and Accountability Act of 1996 (HIPAA, Title II)
Draft copy of a new book by Peter Gutmann on Security Engineering.
Hackers exploit vulnerable systems – and unprepared individuals – to access trade and commercial secrets, damage or gain control of national assets of strategic importance, publicly embarrass top brands, and wreak general havoc with considerable financial, social and economic repercussions.
See below a short list of Linux distributions you can use for security testing, penetration testing, or other security purposes. As usual, if your preferred distribution is not on the list, let me know.
Windows 8.1 claims to stop the Pass-the-Hash attack. The Pass-the-Hash perils of smart cards do not stop at their false sense of security.
This is Domain 6 of the Security+ CBK. It is 11% of the exam.
This is Domain 5 of the Security+ CBK on Access Control and Identity Management. It is 13% of the exam.
This is Domain 4 of the Security+ CBK. It covers 10% of the exam.
This is Domain 3 of the CompTIA Security+ CBK. It is 21% of the exam.