Analysis of MBR File System Infector

Analyzing the Compromise – without Going Hungry

Apple iOS Push Notifications: Security Implications, Abuse Scenarios, and Countermeasures

Are you sure SHA-1+salt is enough for passwords?

Blog Post: Breaking up the Romance between Malware and Autorun

Browser plugins and security considerations

Comic for February 15, 2011

Controlling the Flow of Information in the 21st Century

Don’t Sacrifice Security on Mobile Devices

Educating users on the safe use of whole device encryption

Ethics of password cracking/dissemination

Feature: Anonymous speaks: the inside story of the HBGary hack

Feature: Black ops: how HBGary wrote backdoors for the government

Five Key Design Decisions That Affect Security in Web Applications

How To Outrun A Lion?

HTTP headers fun, (Tue, Feb 15th)

Ignore the OWASP Top 10 in Favor of Mike’s Top 10

IPv6 Myths

Kaspersky Antivirus Source code leak (KAV 8 2009)

Measuring password re-use empirically

ModSecurity Advanced Topic of the Week: Passive Vulnerability Scanning Part 1 – OSVDB Checks

ModSecurity Advanced Topic of the Week: Real-time Application Profiling

Old programming habits die hard

Probabilities in Random Testing

Shmoocon 2011: Defeating mTANs for profit

Shmoocon 2011: Printer to Pwnd

Should Software Evolve?

Societal Security

Some common Infosec job roles and related certifications

SSDs prove difficult to securely erase

Stop Exposing Yourself!

The Dead Giveaways of VM-Aware Malware

The Lure of Notoriety for Information Security Experts

The Piano Test for Program Verification

To Improve Mobile Security, Policies Will Need to Change

Who Verifies the Verifiers?

Why Physical (Network) Security is Important?

Your guide to the seven types of malicious hackers