Many people teaches that TCSEC is not longer on the CISSP exam, this is not true. I can tell you with certainty that it still shows up once in a while, it creeps out of its hole to come and bite you. When you have 698 this is the topic that may allow you to pass or fail your exam.

Tonight i have added a new question to our Drag and Drop quiz.

A great story by Krebs on Security about Truecrypt shutting down for good.

Tor is free software and an open network that helps you defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security.

If you want to dodge ad trackers, have sensitive sources to protect or you just want to conduct your normal online activities without being spied on, then The Amnesiac Incognito Live System (better known as Tails) could help.

ICS-CERT works to reduce risks within and across all critical infrastructure sectors by partnering with law enforcement agencies and the intelligence community and coordinating efforts among Federal, state, local, and tribal governments and control systems owners, operators, and vendors.

In this article you will find some of the recommended online testing labs to practice your skill ethically and legally.

Find within this post some of my favorite mailing list for different types of information.

See below a short list of Linux Distribution you can use for Security Testing, Penetration Testing, or other security purpose. As usual, if your preferred distribution is not on the list let me know.

It's a great opportunity to learn in-depth details about the OSSTMM, especially OSSTMM 4, in a great setting. Plus the price is undeniably good. Seriously.

This presentation will coach you on how to become a CISSP from A to Z. It will give you tips and trick to master the CISSP CBK and teach you how to pass this dreaded exam the first time you take the test. It is a must watch for anyone serious about becoming a CISSP.

Another Credit Card Compromise, this time it is at Target.

The NVD was established in 2005 to provide a U.S. government repository of data about software vulnerabilities and configuration settings

Great article on the StefanoMele web site at http://www.stefanomele.it/news/dettaglio.asp?id=390#! discussion the Cyber Security Strategy of the UK government.

Every week seems to bring news of yet another website hacked, user accounts compromised, or personal data stolen or misused. See info below from the White House website on the new Cybersecurity framework and trusted identifies projects as well.