Pwnie Express :: Wired, wireless, and 3G pentesting dropboxes
Social-Engineer.Com – Professional Social Engineering Training and Services
Ethical Hacking

Security engineering Security engineering is a specialized field of engineering that focuses on the security aspects in the design of systems that need to be able to deal robustly with possible sources of disruption, ranging from natural disasters to malicious acts. It is similar to other systems engineering activities in that its primary motivation is to support the delivery of engineering solutions that satisfy pre-defined functional and user requirements, but with the added dimension of preventing misuse and malicious behavior. These constraints and restrictions are often asserted as a security policy. Security engineering
Ross Anderson's Home Page Ross Anderson's Home Page Ross Anderson [Research] [Blog] [Politics] [My Book] [Music] [Contact Details] What's New


Several students asked for a more complete class outline. So, in addition to the outline posted currently by Black Hat, I present the following that shows what sort of material I cover in my new class. Please note that discounted registration ends 11:59 pm EDT October 24th. You can register here.
This is an update to my earlier post. Cloudflare is reporting that it's very difficult, if not practically impossible, to steal SSL private keys with this attack. Here's the good news: after extensive testing on our software stack, we have been unable to successfully use Heartbleed on a vulnerable server to retrieve any private key data. Schneier on Security

Schneier on Security

Social Engineering - Security Through Education

Social Engineering (SE) is both incredibly complex and amazingly simple. What really is social engineering? We define it as the act of manipulating a person to accomplish goals that may or may not be in the “target’s” best interest. This may include obtaining information , gaining access, or getting the target to take certain action. Social Engineering - Security Through Education
Elicitation Techniques
Security, privacy, and user accounts - Help & How-to

(ISC)² Security Transcends Technology

Wim Remes and Dave Lewis spoke to Editor Dan Raywood of IT Security Guru about their new roles as officers on the 2014 (ISC)² Board of Directors and how they're influencing the organization. • Read the article (ISC)² EMEA's John Colley on Cover of SC Magazine UK In John Colley's SC Magazine UK cover story "Surety Business," he says that the UK is making strides toward being the safest place to do business online, but that aim is threatened by the shortage of cybersecurity skills. Better Late than Never: 5 Steps to Mitigating XP Risks (ISC)² Security Transcends Technology