One of the things we talked about last week in our “The Downside of 0% Infosec Unemployement” post is people obtaining quick certs to get into the high-demand security industry. Non-security savvy companies looking to hire qualified infosec pros in this lucrative market need to be on the lookout for people passing themselves off...
Read more »
Early last week we had a story on a targeted attacks against military contractors using a malicious PDF disguised as a conference CFP. On Friday the threats continued with emails being sent to all 163 participants of a recent Intelligence Advanced Research Projects Activity (IARPA) event purporting to be a list of the attendees....
Read more »
There seems to be a theme going around the security industry lately … focus less on preaching to the choir and more on “inceptionizing” security to people building the systems. As an example in last week’s Dark Reading “Walking In The Application Developer’s Shoes” article, Kelly Jackson Higgins discussed how many security professionals are...
Read more »
DarkReading recently published an interesting article entitled “BT Study: Most Enterprises Expect to Get Hacked This Year.” I’d say that that’s a safe assumption, since in the case of most large organizations, their electronic footprint is everywhere. When you pair that with unmanaged parts of an organization setting up servers and machines, accounting for all...
Read more »
Addressing the problem of companies not taking insider threats seriously, the “Many Enterprises Still Don’t Recognize Insider Threat, Studies Say” article on DarkReading made some much-needed points about intranets not being the secure entities that many companies believe them to be. While the article’s primary focus is on traditional insider threats—with employees knowingly or...
Read more »
