The Security Ledger

DECEMBER 19, 2018

In this spotlight edition* of The Security Ledger Podcast, Steve Hanna of Infineon joins us to talk about the growing risk of cyber attacks on industrial systems and critical infrastructure. We talk about how that might be. We talk about how that might be done and the need for strong identity and hardware based roots of trust!

IoT 40

IoT Security Manufacturing Risk 40

eSecurity Planet

SEPTEMBER 14, 2022

To this end, some impressive technology has been created to combat the technological side of the issue, to keep hackers and similar bad actors from accessing data and account privileges they shouldn’t. To talk about which targets scammers pick, we’ll be looking at two categories: individuals and businesses. Businesses. Social Tactics.

Energy and Utilities 118

Energy and Utilities Phishing Blockchain Cybersecurity 118

ForAllSecure

FEBRUARY 5, 2021

This three-part series will show you how to take your fuzzing targets beyond memory errors and crashes to finding correctness and even efficiency issues using Property-based fuzzing. This technique is especially useful for memory-safe languages like R ust and Go. A framework with bad generators will not uncover as many issues.

Libraries 52

Libraries IT 52

ForAllSecure

FEBRUARY 5, 2021

This three-part series will show you how to take your fuzzing targets beyond memory errors and crashes to finding correctness and even efficiency issues using Property-based fuzzing. This technique is especially useful for memory-safe languages like R ust and Go. A framework with bad generators will not uncover as many issues.

Libraries 52

Libraries IT 52

Robert's Db2

AUGUST 31, 2015

The ability to fix a buffer pool in memory, accomplished through the PGFIX(YES) option of the -ALTER BUFFERPOOL command, was introduced with DB2 for z/OS Version 8. Well, if a DB2 buffer is not fixed in memory (and PGFIX(NO) is the default), DB2 has to request that z/OS fix the buffer in memory (i.e.,

IT 48

IT Access 48

erwin

JUNE 7, 2022

Static over-provisioning or dynamic scaling will run up monthly cloud costs very quickly on a bad design. I chose “ON Demand” for up to 64 virtual CPUs and 448 GB of memory since I wanted this data warehouse to fit entirely, or at least mostly, within memory for lightning-fast access. Look at Figure 1 below.

Cloud 52

Cloud Sales Analytics IT 52

Everteam

NOVEMBER 25, 2021

Flash memory has a better carbon footprint than the mechanical memory of our old hard drives, for example. How fast will the market move towards all-flash for memory or all-LED in emerging countries? Well, first of all, what electricity are we talking about? What is the ratio of each of these elements? to… $ 3.50!

Energy and Utilities 52

Energy and Utilities Manufacturing Government Marketing 52

Collibra

JUNE 22, 2020

The timing of these two markers together flooded me with wonderful memories and made me reflect on how similar the journey is for founders and fathers. Dreams beyond your wildest expectations: Many parenting books talk about managing the expectations you have of your children. Then yesterday my family and I celebrated Father’s Day.

IT 59

IT 59

Troy Hunt

SEPTEMBER 26, 2018

I'd talk about the reduction in load time too except it's really hard to measure because as you can see from the waterfall diagrams, with no Pi-hole it just keeps going and going and, well, it all gets a bit silly. However, check out the network requests at the bottom of the browser before and after Pi-hole: Whoa!

Analytics 109

Analytics Risk IT Security 109

Unwritten Record

DECEMBER 17, 2020

The brothers even reached out to the government in 1905, but their refusal to share specific details of their airplane, plus the government’s bad experiences with previous inventors meant that talks went nowhere. Wright Brothers National Memorial, National Park Service: [link]. The Army’s Specification No.

Archiving 65

Archiving Agriculture Government Military 65

Scary Beasts Security

MAY 15, 2017

Introduction Before we get into it, let's start by stating that the progression of memory corruption mitigations over the years has been intensely valuable. The list of mitigations to credit is long, but includes: Non-executable virtual memory regions. ASLR (address space layout randomization). Stack canaries. Heap metadata hardening.

Metadata 20

Metadata IT Security 20

John Battelle's Searchblog

FEBRUARY 9, 2024

The conversation also served as the kick-off to my own Burnes Center lecture series, “ The Internet We Deserve ” where I’ll talk with notable business, policy, technology and academic leaders central to the creation of the Internet as we know it today (last week I spoke with Larry Lessig ). It’s been lovely.

Artificial Intelligence 69

Artificial Intelligence Computer and Electronics IT Risk 69

ForAllSecure

DECEMBER 2, 2021

She talks about the various ways criminal hackers hide their work, what happens after ransomware hits on a system, how investigators go about looking for recovery information, and what type of skills those practitioners need t o succeed. Vamosi: At SecTor, an annual security conference in Toronto, Paua gave not one but two talks this year.

Encryption 52

Encryption Ransomware Passwords IT 52

ForAllSecure

NOVEMBER 24, 2020

In this episode I talk about how Heartbleed (CVE 2014-0160) was found and also interview Rauli Kaksonen, someone who was at Codenomicon at the time of its discovery and is now a senior security specialist at the University of Oulu in Finland, about how new security tools are still needed to find the next big zero day.

Encryption 52

Encryption Artificial Intelligence Marketing Security 52

ForAllSecure

NOVEMBER 24, 2020

In this episode I talk about how Heartbleed (CVE 2014-0160) was found and also interview Rauli Kaksonen, someone who was at Codenomicon at the time of its discovery and is now a senior security specialist at the University of Oulu in Finland, about how new security tools are still needed to find the next big zero day.

Encryption 52

Encryption Artificial Intelligence Marketing Security 52

Robert's Db2

MARCH 30, 2012

I'm talking about z/OS system memory. In part two, I'll examine the issue of configuring DB2 to use more memory for buffer pools in an unapologetic way -- meaning, when you want more memory resource for your DB2 subsystem, don't ask for it as though you're Oliver Twist ("Please, sir, I want some more").

Access 48

Access IT 48

ForAllSecure

JUNE 2, 2021

In this episode, LiveOverflow talks about his six years of producing engaging YouTube content and what the rise of social media influencers might mean for traditional conferences like Black Hat. And only a few years later he reverse engineered a Sony PlayStation, enabling it to both read and write to memory within the device.

Marketing 52

Marketing Education IT Security 52

ForAllSecure

JUNE 2, 2021

In this episode, LiveOverflow talks about his six years of producing engaging YouTube content and what the rise of social media influencers might mean for traditional conferences like Black Hat. And only a few years later he reverse engineered a Sony PlayStation, enabling it to both read and write to memory within the device.

Marketing 52

Marketing Education IT Security 52

ForAllSecure

NOVEMBER 24, 2020

In this episode I talk about how Heartbleed (CVE 2014-0160) was found and also interview Rauli Kaksonen, someone who was at Codenomicon at the time of its discovery and is now a senior security specialist at the University of Oulu in Finland, about how new security tools are still needed to find the next big zero day.

Encryption 52

Encryption Artificial Intelligence Marketing Security 52

ForAllSecure

JANUARY 15, 2021

Third, It’s one thing to talk about network servers having exploitable vulnerabilities -- and Mike is an expert on ICS and automotive software as well -- but it’s quite another when the software involves life critical services. Vamosi: This is bad. Supply chain compromises have been talked about for a few years now.

IT 52

IT Manufacturing Government Paper 52

ForAllSecure

JANUARY 15, 2021

Third, It’s one thing to talk about network servers having exploitable vulnerabilities -- and Mike is an expert on ICS and automotive software as well -- but it’s quite another when the software involves life critical services. Vamosi: This is bad. Supply chain compromises have been talked about for a few years now.

IT 52

IT Manufacturing Government Paper 52

ForAllSecure

JUNE 16, 2021

In this episode, Jason Kent from Cequence Security talks about his experience hacking a garage door opener API, the tools he uses such as Burp, ZAP, and APK tool, and why we need to be paying more attention to the OWASP API Security Top 10. Now, consider that your mobile probably has less overall memory than say your laptop.

Authentication 52

Authentication Communications IoT Security 52

ForAllSecure

JUNE 16, 2021

In this episode, Jason Kent from Cequence Security talks about his experience hacking a garage door opener API, the tools he uses such as Burp, ZAP, and APK tool, and why we need to be paying more attention to the OWASP API Security Top 10. Now, consider that your mobile probably has less overall memory than say your laptop.

Authentication 52

Authentication Communications IoT Security 52

Robert's Db2

OCTOBER 17, 2010

BP1 and BP2 should probably have -- depending on the server memory resource available to the operating system -- at least 40,000 buffers each (it's not uncommon for these pools to have in excess of 100,000 buffers apiece). I'll elaborate on this as I go along.

IT 48

IT Access 48

ForAllSecure

AUGUST 22, 2020

Walker: We’re here today to talk about bringing autonomy to the sport of hackers to capture the flag. I'm Robert Vamosi and in this episode I'm talking about the rise of security automation, and what we learned in first and only Cyber Grand Challenge in 2016. Google Podcasts. TheHackerMind.com. Host: Robert Vamosi.

IT 52

IT Security Cybersecurity Paper 52

ForAllSecure

AUGUST 21, 2020

Walker: We’re here today to talk about bringing autonomy to the sport of hackers to capture the flag. I'm Robert Vamosi and in this episode I'm talking about the rise of security automation, and what we learned in first and only Cyber Grand Challenge in 2016. Google Podcasts. TheHackerMind.com. Host: Robert Vamosi.

IT 52

IT Security Cybersecurity Paper 52

ForAllSecure

AUGUST 21, 2020

Walker: We’re here today to talk about bringing autonomy to the sport of hackers to capture the flag. I'm Robert Vamosi and in this episode I'm talking about the rise of security automation, and what we learned in first and only Cyber Grand Challenge in 2016. Google Podcasts. TheHackerMind.com. Host: Robert Vamosi.

IT 52

IT Security Cybersecurity Paper 52

Scary Beasts Security

DECEMBER 5, 2016

At the time of writing, my Fedora 25 install just received gstreamer1-plugins-bad-free-1.10.1-1.fc25 Recap of exploitation primitives You can refer to the original post for a fuller description, but essentially, the vulnerability is an integer overflow in canvas allocation, leading to decoder commands operating on out of bounds memory.

Metadata 26

Metadata IT 26

ForAllSecure

OCTOBER 13, 2020

I’m Robert Vamosi and in this episode I’m discussing how a professional hacker just happened to find a vulnerability in Google’s Chromium, and why that’s not necessarily a bad thing that he did that, and why, perhaps, hackers like this should be compensated fairly. Vamosi: This is Tim. So it’s kind of important.

Communications 52

Communications IT Marketing Security 52

ForAllSecure

OCTOBER 13, 2020

I’m Robert Vamosi and in this episode I’m discussing how a professional hacker just happened to find a vulnerability in Google’s Chromium, and why that’s not necessarily a bad thing that he did that, and why, perhaps, hackers like this should be compensated fairly. Vamosi: This is Tim. So it’s kind of important.

Communications 52

Communications Marketing IT Security 52

Archives Blogs

NOVEMBER 2, 2017

Seated at the piano, he divides his talk into The Serious Side of Music and Fun with Music. Demystifying the art of music, he claims “we need today more bad musicians.” He first displayed his talent and his remarkable memory for tunes in a 1928 plagiarism case involving “Yes, We Have No Bananas.”

Archiving 20

Archiving Education Libraries IT 20

ForAllSecure

OCTOBER 13, 2020

I’m Robert Vamosi and in this episode I’m discussing how a professional hacker just happened to find a vulnerability in Google’s Chromium, and why that’s not necessarily a bad thing that he did that, and why, perhaps, hackers like this should be compensated fairly. Vamosi: This is Tim. So it’s kind of important.

Communications 52

Communications IT Marketing Security 52

The Last Watchdog

MAY 7, 2019

The bad guys are taking full advantage of the fact that many companies continue to rely on legacy defenses geared to stop tactics elite phishing rings are no longer using. And since browser extensions may only exist in browser memory and are part of a “trusted application” (i.e. The bad guys figured that out. Talk more soon.

Phishing 157

Phishing Cloud Analytics Security 157

ForAllSecure

SEPTEMBER 1, 2020

I’m Robert Vamosi and in this episode I'm continuing to talk about the rise of security automation, and what we learned after first and only Cyber Grand Challenge in 2016. That's not bad for a machine. Vamosi: Welcome to The Hacker Mind, an original podcast from ForAllSecure. Humans are needed to know how to encode that.

IT 52

IT Security Information Security Cybersecurity 52

ForAllSecure

AUGUST 31, 2020

I’m Robert Vamosi and in this episode I'm continuing to talk about the rise of security automation, and what we learned after first and only Cyber Grand Challenge in 2016. That's not bad for a machine. Vamosi: Welcome to The Hacker Mind, an original podcast from ForAllSecure. Humans are needed to know how to encode that.

IT 52

IT Security Information Security Cybersecurity 52

ForAllSecure

AUGUST 31, 2020

I’m Robert Vamosi and in this episode I'm continuing to talk about the rise of security automation, and what we learned after first and only Cyber Grand Challenge in 2016. That's not bad for a machine. Vamosi: Welcome to The Hacker Mind, an original podcast from ForAllSecure. Humans are needed to know how to encode that.

IT 52

IT Security Information Security Cybersecurity 52

ForAllSecure

DECEMBER 10, 2020

In this episode, Guido Vranken talks about his approach to hacking, about the differences between memory safe and unsafe languages, his use of fuzz testing as a preferred tool, and how he came to discover the validation error in OpenWRT, as well as a serialization error in cereal, and other vulnerabilities. So what am I going to do?

Libraries 52

Libraries IT Security Manufacturing 52