People say that Philadelphia has an inferiority complex. They say that that we feel overlooked being located between New York and Washington, D.C. Until earlier this month, as far Security BSides was concerned, that was pretty much true. Great BSides groups are easy driving distance from Philadelphia, but we had nothing in our own backyard. […]… Read More The post Inaugural BSidesPhilly Event a Smashing Success appeared first on The State of Security.

Cloud computing has come a long way in just a few years. Now, most businesses use some sort of cloud service, whether it be for a specific software application, infrastructure requirements, or more. The cloud certainly represents the way many companies are choosing to operate, but some have shown reluctance to adopt cloud solutions. One […]… Read More The post What the Cloud Can Do to Improve IT Security appeared first on The State of Security.

In June, Tripwire security researcher Travis Smith conducted a presentation at InfoSecurity Europe 2016 on how open source and other free tools can monitor, protect and mitigate threats in IoT environments. In addition, Smith explained how these tools and methodologies can be deployed on inexpensive hardware, such as the Raspberry Pi. In this special security slice podcast hosted by Tyler […]… Read More The post Security Slice – Sweet Security: Building a Defensive Raspberry Pi appeared first on The State of Security.

According to a recent report by Symantec, attacks exploiting previously unknown (or zero-day) software vulnerabilities more than doubled last year. Researchers believed this spike may be caused by the Hacking Team breach, which forced several zero-day exploits into the wild. Was the recent increase in zero-days a onetime occurrence, or should we expect disclosure of […]… Read More The post Security Slice: The Zero-Day Arms Race appeared first on The State of Security.

In the beginning of April, the Badlock vulnerability was everywhere. It had its own logo and website, along with an announcement stating security updates would only become available as part of the April Microsoft Patch Tuesday. But when the details were revealed, many security experts felt Badlock’s marketing was not consistent with the severity of the […]… Read More The post Security Slice: The Bug That Cried Wolf appeared first on The State of Security.

Ransomware seems to be everywhere. According to Blue Coat Systems’ 2015 Mobile Malware Report, ransomware is now the top malware threat targeting mobile devices, and it has even begun to infect Apple’s Macintosh computers. Hospitals across the nation have been significantly impacted by ransomware campaigns. What factors are driving this dramatic rise in ransomware? Listen to our […]… Read More The post Security Slice: The Resurgence of Ransomware appeared first on The State of Security.

After weeks of controversy, the FBI announced it successfully cracked the iPhone of the San Bernardino shooter. The FBI’s method did not require Apple’s assistance, but the discussion surrounding encryption and law enforcement is far from over. This special security slice podcast was recorded several days before the FBI dropped its legal case against Apple. […]… Read More The post Security Slice: The Apple Encryption Debate appeared first on The State of Security.

In early March, Tripwire security researcher Travis Smith did a presentation at RSA Conference 2016 on how commercial and open source threat intelligence tools can work together to add essential time context to log data. This crucial data allows organizations to pinpoint exactly when a breach occurred and other critical forensic analysis information. Listen to this special security slice […]… Read More The post Security Slice: Dreaming of IoCs and Threat Intelligence appeared first on The State of Security.

San Francisco is hosting a major software development festival roughly 10 days before RSA’s 2016 security conference rolls into the city. Whether you are a new software developer or a seasoned architect, how can you build security into your development process? Listen to our latest Security Slice podcast and hear Tim Erlin, Tyler Reguly and Craig Young discuss why developer […]… Read More The post Security Slice: Secure Software Development appeared first on The State of Security.

In December 2015, a power outage in the Ukraine left over 700,000 citizens without electricity. Security researchers confirmed that the outage was caused by BlackEnergy malware and there’s been a lot of speculation that Russia was behind the cyber attack. What lessons can U.S. critical infrastructure providers learn from these attacks? Listen to our latest Security […]… Read More The post Security Slice: BlackEnergy Blackouts appeared first on The State of Security.

A multinational insurance company called Chubb will soon offer their clients ‘troll insurance.’ This new policy will allow holders to claim up to £50,000 to pay for expenses caused by online abuse, including professional counselling and forensics to track down the original bullies. The Internet is infamous for widespread cyber bullying; will this become a […]… Read More The post Security Slice: The High Cost of Trolls appeared first on The State of Security.

In their Q3 2015 report, Akamai Technologies noticed a dramatic rise in Distributed Denial-of-Service (DDoS) attacks. These attacks rose 23% from the previous quarter and jumped a dramatic 180% from Q3 2014. What is behind the increase in distributed denial-of-service attacks and the damage they cause? Listen to our latest Security Slice podcast and hear Tim […]… Read More The post Security Slice: Diffusing DDoS Damage appeared first on The State of Security.

FireEye recently discovered a massive spear-phishing malware campaign targeting journalists in Hong Kong. The attack appeared to be state-sponsored, and hid a command and control server in their victim’s Dropbox account. As is often the case, the attack could have been circumvented by installing a few simple patches. How can vendors support the patching process […]… Read More The post Security Slice: Cloudy with a Chance of Patching appeared first on The State of Security.

VTech, a global electronics manufacturer and toymaker, recently suffered from a data breach that exposed personal information for over 200,000 children and 5 million adults. The data leaked included names, home addresses, genders, birthdays and linked parents and children. Do children face unique security risks when their information is exposed in a data breach? Listen […]… Read More The post Security Slice: The VTech Breach appeared first on The State of Security.

According to a recent report by Trend Micro, the majority of cyber criminals in Japan request payment through gift cards. Meanwhile, an Apple Store employee in New York was recently arrested for using fraudulent credit card details to buy almost $1 million worth of Apple gift cards. Credit card fraud is  widely understood but how […]… Read More The post Security Slice: Cyber Crime: The Gift That Keeps on Giving appeared first on The State of Security.

Surprise, surprise: ransomware is on the rise. Not only is ransome-focused malware becoming more common, it’s becoming more complicated, as well. For example, Linux.Encoder.1 is a new breed of ransomware which can be injected into websites to pose as shopping cart programs. Despite the dangers of ransomware, a member of the FBI recently recommended that […]… Read More The post Security Slice: The Rising Cost of Ransomware appeared first on The State of Security.

Apple recently removed over 250 iOS from their App Store. Every removed app used a software-development kit from Chinese advertiser Youmi, which allegedly data mined massive amounts of information from users without the developers or customer’s knowledge. How can users identify malicious or intrusive apps on mobile stores? Listen to our latest Security Slice podcast […]… Read More The post Security Slice: Avoiding Adverse Apps appeared first on The State of Security.

The TalkTalk breach has already led to several arrests, and the alleged hackers’ ages range from 15 to 20. This isn’t the only recent incident involving young hackers. Earlier this year, a teenager claimed to have breached the email account of CIA Director John Brennan. Are cyber attackers getting younger? Listen to our latest Security […]… Read More The post Security Slice: Honey, the Kids Are Going to Be Hackers appeared first on The State of Security.

According to Raytheon|Websense, the healthcare industry is four times more likely to suffer advanced malware attacks than is any other sector. The news gets more concerning, as phishing attacks are 74 percent more likely to affect healthcare organizations. What can the healthcare industry do about their unique security challenges? Listen to our latest Security Slice […]… Read More The post Security Slice: Healing Healthcare Security appeared first on The State of Security.

Symantec recently discovered a new strain of malware, dubbed “Linux.Wifatch,” which has already infected more than 10,000 IoT devices. The malware’s author says Linux.Wifatch is actually beneficial because it removes a malicious backdoor and encourages users to update weak passwords. Do the ends of vigilante-style malware and beneficial botnets like Linux.Wifatch justify the means? Listen […]… Read More The post Security Slice: Beneficial Botnets? appeared first on The State of Security.

According to a recent study by Clearswift, IT professionals believe finance and human resources employees are more likely to cause a data breach than other departments. In addition, employees between the ages of 35-44 were believed to be the most likely to leak company data with malicious intent. Do these statistics accurately reflect enterprise risk […]… Read More The post Security Slice: Human Resources Security Woes appeared first on The State of Security.

Drone security has been in the news recently. First, a computer hacker associated with the Islamic State was killed in a drone strike. Second, two popular consumer drones were successfully hijacked by security researchers at DEF CON 23. As privacy and drone security issues begin to intertwine, what issues should privacy advocates be concerned about? […]… Read More The post Security Slice: Game of Drones appeared first on The State of Security.

The University of Virginia recently announced a data breach that reportedly originated from China. Personal information was not exposed; however, the attackers targeted two university employees with ties to the Defense Department and other intelligence agencies. What can other organizations learn from this breach about nation state attacks? Listen to our latest Security Slice podcast […]… Read More The post Security Slice: Crash Course in University Security appeared first on The State of Security.

In the first part of our security slice podcast on Ken Westin’s DEF CON 23 presentation, “Confessions of a Professional Cyber Stalker,” Ken discussed his white hat cyber stalker skills and how he’s used them to track and convict cybercriminals. These skills have come into sharp focus in light of the Ashley Madison data breach that […]… Read More The post Security Slice: Confessions of a Professional Cyber Stalker – Part Two appeared first on The State of Security.