Good news – Best Jobs In America, Information Security is well ranked!

Good news – Best Jobs In America, Information Security is well ranked!

Hi all, I wish you all a Happy New Year full of good news! And to start it off, check out this article about the best professions in America. Information/IT Security is well ranked, and paying good money too!

3 Certifications IT Professionals Can’t Afford to Ignore

3 Certifications IT Professionals Can’t Afford to Ignore

Today’s technology professionals are under a type of pressure that did not exist 10-to-20 years ago. As technology has improved, so have the threats that can be used against it. These threats can come in the form of security compromises, employees not following protocol, data breaches, lost or damaged data, and much more. Pages: 1 [...]

5 Scary Types of Security Professionals You Will Meet in Your Career

5 Scary Types of Security Professionals You Will Meet in Your Career

Hello everyone and welcome to the blog! Information Security is cool. We all  know that. But… As most of you know, I’ve been in the market for 16 years now… which gave me the opportunity to meet the brightest security professionals around the globe, and also some who weren’t the sharpest tool in the shed. [...]

How to Sell the Value Of Information Security – The four “Rs”

How to Sell the Value Of Information Security – The four “Rs”

Whether you are freelancer in the information security sector trying to convince a company to hire you, or you are struggling with an employer to justify the annual information security budget, explaining the importance and value of what you do is a hurdle most people in the industry face. While those in the infosec industry [...]

7 reasons why you SHOULD work in Information Security

7 reasons why you SHOULD work in Information Security

  Dear readers, Wow! what a hit it was! My previous article on  6 reasons why you should NOT work with information security was a block buster, breaking all previous page hits records of this site, and bringing along a deluge of  praises,  insults, and funny comments. I was called a comedian, an a$$hole, a betrayer and a genius, [...]

6 Reasons Why You Should NOT Work With Information Security

6 Reasons Why You Should NOT Work With Information Security

This article does not mean to be demeaning to the career I chose to follow, but rather a humorous rundown of facts about being a security professional that cannot be ignored, and are shared amongst several of us. Do not let the items below discourage you, but rather be aware that they are an intrinsic [...]

Startup guide to become an Information Security Consultant

Startup guide to become an Information Security Consultant

Hi all, I was browsing the net for some inspiration to my new article when I found an article that certainly adds up to what I’ve said before about starting your information security career. I’m reposting it here since it might be of benefit to you all. Have a good reading! Adriano.

Targeted Attack Against UAE Activist Utilizes CVE-2013-0422, Drops Malware

Targeted Attack Against UAE Activist Utilizes CVE-2013-0422, Drops Malware

Earlier this month, BahrainWatch.org was contacted by an UAE activist, who reported receiving a suspicious email. Upon deeper examination, it was revealed that it was a targeted atttack relying on Java exploit (CVE-2013-0422), which would have dropped a Remote Access Trojan (RAT), if the attack wasn’t detected. The malware was hosted on the isteeler(dot)com domain, [...]

The Eavesdropping System In Your Computer

The Eavesdropping System In Your Computer

Dan Farmer has an interesting paper (long version here; short version here) discussing the Baseboard Management Controller on your computer’s motherboard: The BMC is an embedded computer found on most server motherboards made in the last 10 or 15 years. Often running Linux, the BMC’s CPU, memory, storage, and network run independently. It runs Intel’s [...]

Network Forensics Defined?

Network Forensics Defined?

One of my research projects this quarter will be focused on a really, really exciting subject: network forensics. While we will likely formally define it in the course of our research, I wanted to briefly explore it in this blog post. As I understand it now, “network forensics” today exists at the confluence of several [...]

Making The Case For National Cyber Labs

Making The Case For National Cyber Labs

Recently I received a most interesting link from a friend, about a tiny city that was actually a perfect working model of a real-life city built by the SANS Institute. It had real banking networks, power grid networks, public transit systems, a hospital, a military complex, you name it. It’s a fully decked out city [...]

No Limits—New York Times Hacked By China

No Limits—New York Times Hacked By China

A must-read reported by the Times itself: For the last four months, Chinese hackers have persistently attacked The New York Times, infiltrating its computer systems and getting passwords for its reporters and other employees. The timing of the attacks coincided with the reporting for a Times investigation, published online on Oct. 25, that found that [...]

Remember, Every Jailbreak Is A Security Exploit

Remember, Every Jailbreak Is A Security Exploit

See update at the bottom TechHive’s piece on the new iOS 6.1 jailbreak. Only works on the pre-A5 processors, which means the iPhone 4S and iPad 2 and later are safe. The device must be connected to a computer for it to work. This is a tethered jailbreak which means it goes away when the [...]