Malware typically targets vulnerabilities that were fixed a long time ago. This only works because users are not installing security updates. We set out to find out who these users are, how many of…

Pass the Hash and other credential theft and reuse has become one of the most popular attacks affecting our customers. In 2012, multiple of our high profile customers made their top priority to…

After years of promises, 2012 finally saw the PC industry transition from the legacy BIOS interface to the slightly less legacy UEFI. UEFI gave us a firmware interface with modern functionality (High…

The new Windows Store App environment was built to provide the user with confidence: nothing bad should happen to the typical user, no matter how many Windows Store Apps they try, buy, and uninstall.…

"Near Field Communication (NFC) has been used in mobile devices in some countries for a while and is now emerging on devices in use near you. This technology allows NFC-enabled devices to…

No description available.

Due to their high practical impact, Cross-Site Scripting (XSS) attacks have attracted a lot of attention from the security community members. In the same way, a plethora of more or less effective…

Passwords suck. Security questions are a joke. Two-factor? Hah. Web authentication is frustratingly broken. Over the past year, Facebook engineers have been experimenting with various attempts to…

As the world continues to move more and more online and toward the cloud, so have the people who target our customers with fraud and abuse. In this talk I will give insights into the types of issues…