Get your Briefs HERE

Ok, it's not going to be like the briefs of old, mostly because we're old and don't really have time to be your news watchers of the day. And The Intern has graduated and gone on to get another degree. But... We're using a janky "put stuff on Tumblr so that it can get picked up by IFTTT and populate the Podcast with cool stuff..." routine and you can be ...


4 Tips for Jaded #RSAC Attendees

For years, I've been writing annual survival guides for new attendees at Black Hat, DEF CON and RSA. I'll do the same this year, but for this post I want to build on a new survival guide I created for the more jaded conference-goer. The occasion was last summer's Black Hat/DEF CON. Now, it's for those who will be attending their zillionth RSA Conference at the end of February. ...


4 Tips for Jaded Black Hat/DEF CON Attendees

Soon, in various publications, articles will appear with advice for folks attending Black Hat and DEF CON for the first time. Advice for newbies is important, and I’ve written my own survival guide for that over the years. But for this post, I'm speaking to the battle-hardened veterans who have made the journey repeatedly over the years. Having attended too many of these to count, I consider myself a ...


“Equal Respect” at #RSAC

Some folks in the security industry see me as a member of the "Equal Respect" movement against so-called booth babes at conferences. Not exactly. I certainly respect the opinion of people attached to the cause, and good for them, fighting for what they believe in. But for me, this has never been about equal respect among the genders. It's never been about whether women who work as booth babes are ...


Videos from #BSidesSF

If you missed BSidesSF, you now have a chance to see everything that happened there, thanks to the efforts of @irongeek_adc. He has already posted a full plate of videos from BSidesSF. Go to his website for the full index of videos, which capture the presentations given over the last two days. Our thanks to @irongeek_adc for all the great work.

Four Security Exhibits That Won Without “Booth Babes”

After last week's post on RSA Conference banning so-called booth babes, I heard from a lot of people who agree vendors need to find other ways to attract attention during security conferences. One reader correctly noted that this unfortunate phenomenon isn't the result of bad intentions. It's just that some marketing teams don't know any better. They assume the booth babes work because they see others using them. What to ...


RSA’s Move to Ban Booth Babes

The language above has been added to exhibitor contracts for RSA Conference 2015. Zenobia Godschalk, a communications practitioner in the security industry and vocal critic of so-called "booth babes" at conferences like RSA and Black Hat, dropped me a line to say RSA added the language to force vendors to stop with the skimpy clothing. It appears the years of blowback over booth babes have had an effect, at least in ...


What “Hug-Gate” Says About The Infosec Community

Every once in a while, someone in the security community says something on Twitter that ignites emotional discussion (some call it drama). This past weekend, it started with a comment about hugs. Someone commented that some security cons involve a lot of hugging and that it makes her uncomfortable. Someone responded with a comment about the benefits of hugs. Then all hell broke loose. Why, the first person asked, do people ...


New Adobe Flash Vulnerability – CVE-2015-0313

Oh, joy. Adobe has put out yet another security bulletin for vulnerabilities in Flash. Details:

Security Advisory for Adobe Flash Player

Release date: February 2, 2015

Vulnerability identifier: APSA15-02

CVE number: CVE-2015-0313

Platform: All Platforms

Summary

A critical vulnerability (CVE-2015-0313) exists in Adobe Flash Player 16.0.0.296 and earlier versions for Windows and Macintosh. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected ...


3 Books that Changed My Life

The following is cross-posted from the Security Uncorked blog... My friend Jennifer Minella is doing a series where she asks folks from the security community about three books that changed their lives. She kicks it off with me. *** In this series, I asked infosec professionals to name 3 books that changed their life. This entry includes picks from journalist, writer and podcaster Bill Brenner. When I set out seeking contributors for ...
