David Kennedy David Kennedy is the founder of TrustedSec, Binary Defense, and DerbyCon. TrustedSec and Binary Defense are focused on the betterment of the security industry from both a defensive and offensive perspective. He also serves on the board of directors for the (ISC)2 organization. Formerly, David was the CSO for Diebold Incorporated, where he
Threatcare Blog
Jennifer Jin / September 17, 2018
Tribe of Hackers Spotlight: Lesley Carhart
Lesley Carhart Lesley Carhart (GCIH, GREM, GCFA, GPEN, B.S. Network Technologies, DePaul University) is an 18-year IT industry veteran, including nine years in information security (specifically, digital forensics and incident response). She speaks and writes about digital forensics and incident response, OSINT, and information security careers. She is highly involved in the Chicagoland information security
Jennifer Jin / September 13, 2018
Tribe of Hackers Spotlight: Jayson E. Street
Jayson E. Street Jayson E. Street is a co-author of the Dissecting the Hack series. He is also the DEF CON Groups Global Ambassador and the VP of InfoSec for SphereNY. Jayson has spoken on a variety of information security subjects, including events at DEF CON, DerbyCon, GrrCon, and several other cons and colleges.
Zac Elbel / September 12, 2018
Breach and Attack Simulation vs. Pen test
Breach and Attack Simulation (BAS) is growing in popularity within the cybersecurity space. While this simulation-centric approach is gaining ground, a large majority of cybersecurity professionals have yet to adopt the technology. This is largely due to the fact that most cybersecurity professionals primarily utilize penetration tests to validate the network security posture and controls. What is
Jennifer Jin / September 11, 2018
Tribe of Hackers Spotlight: Wendy Nather
Wendy Nather Wendy Nather is a mild-mannered threat intelligence research director by day and a former Analyst and CISO in the public and private sectors. Warning: This interview may contain snark. Twitter: @wendynather Website: http://idoneous-security.blogspot.com/ Don’t know what the Tribe of Hackers is? Check it out here! If there is one myth
Zac Elbel / September 10, 2018
What is a Breach and Attack Simulation?
BAS — maybe you’ve heard of it. It’s gaining steam in cybersecurity now that the MITRE ATT&CK framework is being adopted by blue teams and red teams. We’ve talked to everyone from penetration testers to bank executives who are leveraging Breach and Attack Simulation (BAS) to influence their craft. Pentesters are using it to define
Jennifer Jin / August 28, 2018
Codeverse—Building Games & Hacking Lights 🕹
Put simply, email is far less effective than app-based phishing in 2018. WhatsApp: Mobile Phishing’s Newest Attack Target. Better late than never—finish your day with Tuesday’s daily brief. Bank of Spain’s website hit by cyber attack The Bank of Spain’s website has been hit since Sunday by a cyber attack which has temporarily disrupted access
Jennifer Jin / August 27, 2018
Millions of Texas Voter Records Exposed 🗳
The browser would play back “a short random code encoded into human speech” when a user attempts to login. Listening Watch: New 2FA mechanism using a wearable and browser speech sounds. It’s Monday! Let’s launch into today’s daily brief. Atlas Quantum Cryptocurrency Investment Platform Suffers Data Breach The stolen data supposedly included customers names, phone
Jennifer Jin / August 24, 2018
2mil Affected in T-Mobile Data Breach 📳
“48% of the respondents have no cybersecurity incident response plan in place to counteract an attack if and when it occurs.” 77% of IT pros believe their enterprises will be hacked—but almost half aren’t ready for it. Hacking aside, are you ready to start your weekend with today’s brief? Hackers Stole Personal Data of 2
Jennifer Jin / August 23, 2018
The Most Malware-Infested City in America 🇺🇸
Google’s Gmail service ignores periods in the address before the @gmail.com. In fact, a Google support page states that “dots don’t matter in Gmail addresses.” Make Several Gmail Addresses Out of One. “If spam or newsletters you never signed up for begin to appear in your inbox, you’ll have an idea where the sender got your