If a picture is worth a thousand words, then video’s value to learning must be immense. This collection of videos touches on many of the subjects discussed above and provides valuable reinforcement of some important security lessons. The Sony Pictures hack was a breach unlike others. John Dickson, principal at Denim Group, talked to SearchSecurity […]
Organizations that want to manage their security risk need to understand how they are exposed. The applications an organization runs make up a tremendous amount of this exposure due to the fact that vulnerabilities in the applications, as well as misconfigurations, are likely targets for attackers. Being able to properly defend these applications requires the […]
Running a bug-bounty program these days marks a departure from a decade ago, when researchers had to worry that, if they reported a bug, they could open themselves up to civil lawsuits or criminal prosecution. In fact, the trajectory of profiting from vulnerability research has followed the path of digital music, said Dan Cornell, CTO […]
“Simply put, WannaCry separates those companies who have their security act together from those that do not,” said John Dickson, security expert and principal at the Denim Group, a company that develops secure, resilient software and provides security advisory and testing services. “System updating – i.e. ‘patching’ – is one of the most mundane aspects of […]
In-brief: We speak with Sean Dillon of the firm RiskSense, who helped reverse engineer DoublePulsar and EternalBlue, the Windows exploit tools used to help spread the WannaCry ransomware. We also chat with John Dickson of The Denim Group about the impact of President Trump’s Cyber Executive Order.
“It’s unequivocally scary,” said John Dickson of the Denim Group, a US security consultancy. Dickson said the malware itself, which exploits a flaw in Windows, was not new but that adding the ransomware “payload” made it especially dangerous. “I’m watching how far this propagates and when governments get involved,” he said.