Articles by Paul Robertson


June 17, 2014

By Paul Robertson

Do your workplace policies cover wearable devices? Many commercial and government facilities ban cameras and cellular phones with cameras, but having such policies and not enforcing them can hurt you in the wake of a successful attack.


January 25, 2014

By Paul Robertson

After years of attending and speaking at information security conferences, I found that they fall into three buckets, including training exercises, corporate networking and ethical hacking.


December 19, 2013

By Paul Robertson

We’ve all had or seen server room doors protected by combination locks. 

Most safes these days are protected by electronic keypads, like the ones used to safeguard on-site backup tapes. When someone uses a digital keypad, their fingers transfer a minute amount of heat to each key pressed.

This heat can be read by thermal imaging cameras for a short period of time after the keys have been pressed.


November 21, 2013

By Paul Robertson 

Bring your own devices (BYOD), USB flash drives, signing into compromised personal web-based accounts from work, and shared passwords. These are some of the reasons for information security professionals to train their employee user base, even when it’s about apparently non-work-related computing resources.


November 11, 2013

By Paul Robertson

Wireless cameras, RFID key cards, keyboards, cordless phones, just about every wireless technology that isn’t light- or sound-based will attract a horde of researchers (and attackers) looking at ways to exploit them. Are you prepared?


November 6, 2013

By Paul Robertson

Contactless card transactions are becoming increasingly popular in the United States, Europe and Asia. In the United Kingdom alone there are some 34.5 million cards in issue with contactless functionality, according to the UK Cards Association.


November 4, 2013

By Paul Robertson

Firmware attacks are growing increasingly popular among software hackers. Despite efforts to issue patches for firmware, reported attacks are on the uptick. 

For instance, Ruben Santamarta, a security researcher at IOActive, recently posted a blog in which he describes how he directed the firmware of a counterfeit money detector to force the system to literally accept any piece of paper as legitimate currency.


November 1, 2013

By Paul Robertson

November 2, 2013 is the 25th anniversary of the Morris Worm. In the intervening years, we have not solved the problems of buffer overflows, reusable single-factor credentials, peer-to-peer trust or password reuse.

What then have we learned from this incident?


November 1, 2013

By Paul Robertson

MIT researchers have produced a new paper that uncovers security flaws in C and C++ software, generated by compiler optimizations that discard ambiguous code or code that produces undefined behavior.
