How the CISO can hire the right organization

The employment prospects for Cyber Security practitioners continue to be at an all-time high, with no end in sight. In contrast to the demand, a recent report indicated 80% of Fortune 100 CISOs have held their current position for less than five years[i], and many in the industry accept that a CISO’s tenure will be …

Android Application Penetration Testing Part – 4

As per my last articles (Android Application Penetration testing Part 1), (Android Application Penetration testing Part 2), (Android Application Penetration test part-3), we had a look at the basic architecture, penetration testing tools and ADB. Now let’s see some entry points for Android application penetration testing. From the perspective of security the manifest file is usually the first thing …

Proposed ‘hack back’ law would not have stopped WannaCry

On Monday, the Financial Times published a story concerning a proposed bill from Representative Tom Graves, a Republican from Georgia’s 14th district. Graves has proposed changing the Computer Fraud and Abuse Act (CFAA) to allow organizations to fight back when being attacked online.

Exposed Patient Records

Earlier this month, KrebsOnSecurity featured a story about a basic security flaw in the Web site of medical diagnostics firm True Health Group that let anyone who was logged in to the site view all other patient records. In that story I mentioned True Health was one of three major healthcare providers with similar website problems, …


It is my sincere hope that when I say OWASP Zed Attack Proxy (ZAP), you say “Hell, yeah!” rather than “What’s that?” Read full news article on Dzone