Code of Ethics for Cybersecurity

An ethical code for cybersecurity

The battle between black hats and white hats will never end, but do we need some kind of Geneva Convention for how it’s waged? Security pros must often engage black hats, either directly or indirectly, and the rules of engagement aren’t always clear. Sometimes they can also raise ethical issues. Take Facebook’s approach to password […]


How to impersonate someone for 22 cents

For years, researchers have developed ways to bypass biometric scanners and impersonate other people. Now, there’s a new technique: disguising yourself as Elvis Costello to fool a facial recognition system. Late last month, researchers at Carnegie Mellon unveiled a new attack designed to fool facial recognition systems that involves the use of glasses with […]


What Is Your Phone Broadcasting?

Your phone might be telling the world more than you think – and Solomon Sonya is listening. The US Air Force trainer, who speaks today at SecTor 2016, will be unveiling a tool that can find out where your phone has been. It can be put together using little more than a Raspberry Pi and […]


B-Sides: A Grassroots Security Movement

Some of the music industry’s best hits came from B-sides. Gloria Gaynor’s I Will Survive was a B-track, as was the Red Hot Chili Peppers’ most successful single ever, Soul To Squeeze. Vanilla Ice’s US #1 hit Ice Ice Baby was also a B-side, but we try not to talk about that. The point is […]


Understanding Malware from the Inside Out

Analyzing malware has always been a little like working in a digital virology lab. Researchers have to organize virus and worm samples, and keep them in a protected environment that won’t risk infecting anyone else. Then they must pick the viruses apart, often trying to outwit malware coders that may have built anti-analysis measures into […]


The Key To Avoiding Another OPM

Chris Pogue has a special interest in last year’s US Office of Personnel Management data security breach – his details were among those that were stolen. Pogue, chief information security officer at Nuix, spent several years in the US Army teaching cyberwarfare. His was one of the 21.5 million government-employed individuals whose information ended up in the […]


Airbnb Renters: You May Already Be Pwned

The sharing economy enables people to unlock the latent value in their time and property. Renting your apartment to someone for a weekend is good for the wallet. Letting someone stay in it for free as part of a worldwide peer-to-peer hospitality network is good for the soul. Underneath all of the warm fuzzies, though, […]


Why Wasn’t My SecTor Talk Accepted?

A message from Brian Bourne, director and co-founder of Black Arts Illuminated. For every proposed talk that makes it into the SecTor conference, there are many others that don’t make the cut. We decided to share this blog post to help those people understand why their talk may have been declined. Hopefully, it will also […]


Rebooting Canada’s Cybersecurity Strategy

What should Canada’s next cybersecurity strategy look like? The federal government is asking the country how it should harden the private and public sector against attack. Public services minister Ralph Goodale announced the three-month consultation in late August, after voicing the need for an update. Items on the government’s agenda include certification schemes for business […]


How to find your biggest security threats

Roger Grimes gets angry when stories like this one, about Microsoft’s UEFI security snafu, emerge – and not just because he works for Microsoft. “It’s so complicated to pull off, it’s going to be fixed with a patch, but they’re not patching Java, or Acrobat, or the things that are actually being exploited,” said Grimes, […]


Security Pros: Do Your Users Hate You?

What have modern policing and cybersecurity got in common? Both sometimes suffer from a lack of perspective and alienate the public that they’re supposed to serve, according to Brendan O’Connor. As a lawyer working in the cybersecurity space, the SecTor 2016 speaker sees a lot of opportunity for both cops and security pros to improve their […]
