HackDig : Dig high-quality web security articles for hackers

Lock and Code S1Ep9: Strengthening and forgetting passwords with Matt Davey and Kyle Swank

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Matt Davey, chief operations optimist at 1Password, and Kyle Swank, a member of 1Password’s security team, about—what else—passwords. We may know it’s important to have a strong, non-guessable, lengthy passw
Publish At:2020-06-22 11:28 | Read:642 | Comments:0 | Tags:A week in security a week in security awis casting infosec l

National Poetry Month – Cybersecurity Edition

April is National Poetry Month, a time when we can celebrate poets and their craft. To join in the celebrations, we at the State of Security asked employees at Tripwire and in the wider infosec community to create and share some of their favorite cybersecurity-related poems with us. Here are some of our favorites from Twitter: Did you know April is #NationalPo
Publish At:2020-05-03 08:04 | Read:699 | Comments:0 | Tags:Off Topic cybersecurity Infosec Poems

Podcast Episode 4: Understanding the Impact of the Skills Gap on the Infosec Market

Listen and subscribe to our new podcast! Tripwire’s cybersecurity podcast features 20-minute conversations with the people who protect people from cyber threats. Hosted by Tripwire’s VP of Product Management and Strategy, Tim Erlin, each episode brings on a new guest to explore the evolving threat landscape, technology trends, and cybersecurity best practice
Publish At:2020-03-24 05:35 | Read:959 | Comments:0 | Tags:Podcast Infosec skills gap

How Organizations Can Fight to Retain Talent Amidst the Infosec Skills Gap

In a previous post, I shared some expert insight into how organizations can address the challenges of hiring skilled talent despite the ongoing infosec skills gap. Organizations can’t rest easy once they’ve brought on new talent, however. They need to make sure they hold onto their existing workforce. That’s easier said than done. Cybersecurity Ventures forec
Publish At:2020-03-23 06:49 | Read:1020 | Comments:0 | Tags:Featured Articles Infosec retaining talent skills gap

Coronavirus impacts security conferences and events: check your schedule

With coronavirus starting to take hold globally, international travel restrictions are kicking in and more workplaces are advising to work from home whenever possible. When self-isolation is a potential solution, public gatherings are increasingly looking like a terrible idea. Events are becoming a bit of a hotspot for cases, leading to inevitably bizarre sc
Publish At:2020-03-12 15:31 | Read:1161 | Comments:0 | Tags:Security world black hat bsides cancellations conferences co

Mental Health for Hackers: Contents Under Pressure

In 2011, I was in the middle of sitting down when I suddenly felt prickling sensations start from my toes, spread up my legs, and make their way into my arms. I was gasping for air. As the sensation traveled up my spine, it overwhelmed my head, and my heart struggled to keep up. Desperate for air and covered in tears, I started praying. I was scared for my l
Publish At:2020-02-19 00:33 | Read:884 | Comments:0 | Tags:Events Infosec mental health RSAC

A week in security (January 27 – February 2)

Last week on Malwarebytes Labs, we looked at the strengths and weaknesses of the Zero Trust model, gave you the low-down on spear phishing, and took a delve into the world of securing the managed service provider (MSP). Other cybersecurity news: UN compromised via Sharepoint hack: An extraordinary tale highlighting that absolutely nobody is safe when bad thi
Publish At:2020-02-03 16:50 | Read:1001 | Comments:0 | Tags:A week in security a week in security cybersecurity news inf

A run-time approach for penetration testing of iOS apps Part-I

Hello everybody, This article will cover dynamic run-time penetration testing of iOS applications using the Objection framework. Objection is a run-time mobile exploration toolkit, powered by Frida. Objection uses Frida to inject objects into the application run-time in order to execute certain tasks in a security context. Objection framework let
Publish At:2019-10-07 07:25 | Read:2305 | Comments:0 | Tags:News infosec ios applications iospentesting Mobile Applicati

A run-time approach for pen-testing iOS applications Part-II (Objection in Action)

Objection in Action: Once all things go right, we can inject Frida scripts into our target application. Open the target application and enter the following command in PowerShell: "objection -g YOUR-APPLICATION-NAME explore". You will now have access to application’s file over device’s shell. Test Cases: > Application exploration: 1. To brows
Publish At:2019-10-07 07:25 | Read:2124 | Comments:0 | Tags:News infosec ios ios applications iospentesting Mobile Appli

A week in security (September 9 – 15)

Last week on the Labs blog, we looked at free VPN offerings, how malware can hinder vital emergency services, and explored how the Heartbleed vulnerability is still causing problems. We also talked about a large FTC settlement involving Google, and how to keep an eye out for leaky AWS buckets. Other cybersecurity news: The Cobalt Dickens group has returned
Publish At:2019-09-20 11:20 | Read:2350 | Comments:0 | Tags:A week in security a week in security infosec malware Mobile

Our Bring Your Own Malware Challenge is Back!

We are hosting the Bring Your Own Malware Challenge at a series of upcoming events. Bring it to InfoSec in London, Gartner Security Summit in Maryland and of course, Black Hat in July. The rules are simple, you have to plan ahead, but we have a cash prize. That’s right. We’ll be hosting our BYOM aka Bring Your Own Malware Challenge once again, and it will
Publish At:2017-05-25 01:00 | Read:6136 | Comments:0 | Tags:Company News Threats challenge endpoint infosec Isolation Ma

Cybersecurity Virtualization Expert Ian Pratt Explains WannaCry Exploit (Video)

Ian Pratt, co-founder of Bromium and a virtualization expert was interviewed by Sky News. The video clip below shows how the malware arrived and how it deployed. This is the first of what will be many likely exploits in the months to come. WannaCry is likely the first of many global cybersecurity events that will put our collective economies at risk. From
Publish At:2017-05-15 01:25 | Read:4873 | Comments:0 | Tags:Breaking News cybersecurity ian pratt infosec interview micr

Justifying the Value of Conference Attendance to Your Boss

Over the weekend, I became immersed in a discussion on Twitter centered around getting more people involved in InfoSec conferences. Here’s the original post by @hacks4pancakes: Lesley’s initial point led to many great responses relating to the value of attending conferences and the process of communicating that value to the powers that be within your organiza
Publish At:2017-03-15 23:30 | Read:5349 | Comments:0 | Tags:Off Topic Conference Infosec networking

A C(I)SO View on RSA 2017: “China Is Hiring in the US”

Two weeks ago, while visiting the yearly security gathering at the RSA conference in San Francisco’s Moscone center complex (and adjacent hotels – it’s growing like mad), I was walking across the North and South Expo halls to check out some vendors (Several I had appointments with, some by curiosity, and a few that were really new kids on the block.) selling
Publish At:2017-02-28 04:55 | Read:5296 | Comments:0 | Tags:Events Featured Articles CISO Infosec RSA security

Make it public or private…how secure is your profile online?

Part 1: Did you ever ask yourself if you care what personal information you give out online or in exchange for a “free” service? Do you really want to mix your colleagues with friends or family on social media? Do you really want to leak some information about your life and interests to strangers? (Yes, strangers because you don’t know your online audience
Publish At:2017-02-20 23:05 | Read:5088 | Comments:0 | Tags:InfoSec