CompTIA has announced the venue of Security+ 401 by the end of the first quarter of 2014. This article shows the changes that were introduced in the new version of the exam.
This presentation will coach you on how to become a CISSP from A to Z. It will give you tips and tricks to master the CISSP CBK and teach you how to pass this dreaded exam the first time you take the test. It is a must-watch for anyone serious about becoming a CISSP.
This paper (attached below) describes a new acoustic cryptanalysis key extraction attack, applicable to GnuPG’s current implementation of RSA. The attack can extract full 4096-bit RSA decryption keys from laptop computers (of various models) within an hour.
Why 9 Steps to Cybersecurity is an Essential Read: Learn how to use risk management to make your cybersecurity a profitable investment. Learn how to comply with various information security laws and regulations, including U.S. Executive Order Improving Critical Infrastructure Cybersecurity.
Another Credit Card Compromise, this time it is at Target.
Since our last report, malware and related IT security threats have grown and matured. Malicious code authors are far more adept at camouflaging their work—using the dark parts of the Internet—creating new threats that are smarter, shadier and stealthier.
Much of Europe’s critical infrastructure, which resides in sectors such as energy, transportation and water supply, is largely managed and controlled by SCADA (Supervisory Control and Data Acquisition) systems, a subgroup of Industrial Control Systems (ICS).
This is an ENISA deliverable aiming to facilitate a knowledge transfer of IT Business Continuity issues to Small Medium Enterprises (SMEs).
The ENISA Threat Landscape is a collection of top cyber-threats that have been assessed in the reporting period, i.e. end 2012-end 2013.
The NVD was established in 2005 to provide a U.S. government repository of data about software vulnerabilities and configuration settings.
2013 list of top management and performance challenges facing the Department of Justice (Department)
Great article on the StefanoMele web site at http://www.stefanomele.it/news/dettaglio.asp?id=390#! discussing the Cyber Security Strategy of the UK government.
G20 delegates duped by nude pictures of Carla Bruni allowing hackers to access their computers
The conference will take place on April 14th, 2014, in a secret location within the city of Sao Paulo, Brazil.
Another Laptop Theft which led to exposure of medical information. Have they heard of full drive encryption?
The HITRUST Common Security Framework (CSF) provides the foundation for HITRUST Central, a managed, online community that is designed to be a resource for healthcare information security professionals.
Every week seems to bring news of yet another website hacked, user accounts compromised, or personal data stolen or misused. See info below from the White House website on the new Cybersecurity framework and trusted identities projects as well.
Great Article from NSS Labs on Zero Day. Original at: https://www.nsslabs.com/reports/known-unknowns-0
A nice infographic from Venafi showing how Snowden was able to get so much information.
Job Mailing List for CISSPs only