When I hear someone say “you can never be too secure,” I assume they don’t understand the implications of that statement. Perfect...

Are sloppy security controls actually beneficial to a company during a breach?  This is an elephant in the room for Incident Response...

Security Advisory: Bambuser Mobile Application Advisory Title: Bambuser Mobile Application Information Disclosure Vulnerability Internal...

Security Advisory: Ustream Mobile Application Advisory Title: Ustream Mobile Application Information Disclosure Vulnerability Internal...

Principles Are More Important Than Tactics Security doesn’t come from the specific things you do. It comes from an overall approach to...

Prioritize Based on the Business A lot of data isn’t worth what we spend to protect it. What’s worth protecting and what’s just not?...

Tools are a Means, Not an End One of the biggest shames of our industry right now is that “silver bullet” tools have such a hold on...

Cultivate Understanding This is the opposite of running around trying to inform everybody of what you think is the biggest problem. It...

A Russian site today published a report that a simple and clever hack can allow Apple iOS in-app purchases to be made at no cost. The...

Yahoo Voices – a 2010 acquisition by the search company – was breached, and an attacker compromised 450,000 accounts, including email...