After attending Black Hat and DEFCON this year, I noticed that there wasn’t an overarching theme, like the Cloud, APTs or Big Data that prior years have seemed to focus on. Given the recent disclosures about NSA surveillance programs, privacy was…
Read MoreAugust 3, 2013
This year I was fortunate enough to be able to attend the Black Hat 2013 conference in Las Vegas. The opening keynote by General Alexander set the mood for what I think will be a common trend throughout the rest…
Read MoreAugust 1, 2013
When a client authenticates with a Web application, a session is established. Usually a unique, pseudo-random session ID is generated and passed from the client to the Web application with each HTTP request that is made. This session ID might be…
Read MoreMarch 20, 2013
The recent compromise at The Hartford Insurance Company highlights the fact that AV software by itself isn’t always an adequate defense—even for malware that has been in the wild for quite some time. It was reported that a W32-Qakbot variant was…
Read MoreApril 13, 2011