This is an ENISA deliverable aiming to facilitate a knowledge transfer of IT Business Continuity issues to Small and Medium Enterprises (SMEs).
Since our last report, malware and related IT security threats have grown and matured. Malicious code authors are far more adept at camouflaging their work—using the dark parts of the Internet—creating new threats that are smarter, shadier and stealthier.
This paper (attached below) describes a new acoustic cryptanalysis key extraction attack, applicable to GnuPG’s current implementation of RSA. The attack can extract full 4096-bit RSA decryption keys from laptop computers (of various models) within an hour.
This presentation will coach you on how to become a CISSP from A to Z. It will give you tips and tricks to master the CISSP CBK and teach you how to pass this dreaded exam the first time you take the test. It is a must-watch for anyone serious about becoming a CISSP.
CompTIA has announced the arrival of Security+ 401 by the end of the first quarter of 2014. This article shows the changes that were introduced in the new version of the exam.
Finally, here is my first attempt at this new type of question showing up on the exam.
As seen on the great http://www.stefanomele.it/ web site. For the first time the U.S. Army has released an official doctrine manual on military activities in cyberspace, the "FM 3-38 Cyber Electromagnetic Activities".
The Open Source Security Testing Manual from ISECOM. A fantastic project from my friend Pete Herzog. If you believe in true security, this is a must-know web site and content.
It's a great opportunity to learn in-depth details about the OSSTMM, especially OSSTMM 4, in a great setting. Plus the price is undeniably good. Seriously.
This is a thorough introduction to what Security+ is and what is required to become certified.
Windows 8.1 claims to stop the Pass-the-Hash attack. The smart card's Pass-the-Hash perils do not stop at its false sense of security.
See below a short list of Linux distributions you can use for security testing, penetration testing, or other security purposes. As usual, if your preferred distribution is not on the list, let me know.
See this article to find out which new topics were added to the new CISSP® CBK® version 2015.
Demand for cybersecurity professionals greatly exceeds supply, making it one of the hottest fields in the technology job market, according to a report from Burning Glass Technologies, an employment data and consulting company.
Acunetix is once again confirmed as one of the leaders in web application scanning with a 100% detection accuracy and 0% false positives for Reflected Cross-Site Scripting and SQL Injection vulnerabilities, together with a leading WIVET assessment score.
This is a short article that tells you more about CCCure and the people behind it.
Today I have completed the recording of my first computer-based tutorial (CBT) for the Access Control Domain. It is almost 9 hours of thorough content that covers 100% of the CBK objectives for this domain.
CCCure in partnership with SecureNinjaTV is pleased to present the entire Cyber Kung Fu for the Certified Ethical Hacker version 8 training class.
SecureNinjaTV CEH V8 Cyber Kung Fu Module 00 Introduction to the hacking scene and class
SecureNinjaTV CEH V8 Cyber Kung Fu Module 01 Introduction to Ethical Hacking