Latest Blog Posts

959779642e6e758563e80b5d83150a9f

Why Windows is a Bad Idea for Medical Devices

July 12, 2011 Added by:Danny Lieberman

Vendors that use Windows for less critical devices are actually increasing the threat surface for a hospital since any Windows host can be a carrier of malware, regardless of it’s primary mission function, be it user-friend UI at a nursing station or intensive care monitor at the bedside...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Black Hat Vegas 2011 Video Interview Opportunity

July 12, 2011 Added by:Infosec Island Admin

Infosec Island will be conducting a series of video interviews with companies and vendors at the Black Hat USA 2011 conference in Las Vegas, NV. The interviews offer the opportunity for companies to highlight their knowledge of emerging trends in the information security field...

Comments  (0)

C787d4daae33f0e155e00c614f07b0ee

Infosec and Internal Audit Working Together

July 11, 2011 Added by:Robb Reck

The difference between security and internal audit is slight, but significant. We are both looking to address risk, but security is considered a part of the business, and audit must be an impartial third party. By working together both teams can become better at what they do...

Comments  (3)

4085079c6fe0be2fd371ddbac0c3e7db

What is a Kernel Level Audit Trail?

July 11, 2011 Added by:Jamie Adams

Few people understand how audit records are generated or the difference between a kernel level audit trail and an application event log. It is critical to configure auditing and logging mechanisms to capture the right data to safeguard the data to prevent it from being modified...

Comments  (0)

E9e4b2893895604b1b913b7b02e6640b

Six Tips to Protect Your Personal Data After a Breach

July 11, 2011 Added by:Brian McGinley

Data breaches are an everyday occurrence affecting millions of Americans each year. Just ask crafters who shop at Michael’s Stores, Sony PlayStation Network gamers, and investors at Morgan Stanley. They’re all vulnerable to identity theft because their information (PII) was exposed...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Federal Contractor IRC Federal Hit by AntiSec Hackers

July 11, 2011 Added by:Headlines

"They brag about their multi-million dollar partnership with the FBI, Army, Navy, NASA, and the DoJ, selling out their "skills" to the US empire. So we laid nuclear waste to their systems... dropping their databases and private emails, and defaced their professional looking website..."

Comments  (1)

Ba829a6cb97f554ffb0272cd3d6c18a7

The Birth of the Antivirus Industry

July 11, 2011 Added by:Kevin McAleavey

The entire industry has been entirely sublimated by people who have no real idea of what the mission is and only count beans. And it shows in the quality of work performed by the numerous products across the board to the detriment of those paying them for a task that they're no longer up to...

Comments  (4)

69dafe8b58066478aea48f3d0f384820

Prosecutors Demand Laptop Password

July 11, 2011 Added by:Headlines

"Ordering the defendant to enter an encryption password puts her in the situation the Fifth Amendment was designed to prevent: having to choose between incriminating herself, lying under oath, or risking contempt of court..."

Comments  (0)

A966b1b38ca147f3e9a60890030926c9

Winning the Critical Infrastructure War

July 10, 2011 Added by:Chris Blask

The reality is that there is no way to guarantee that all of the critical systems underpinning modern culture will be safe from cyber attack. There will be more successful and spectacular demonstrations of the fragility of these amazing architectures. There is no need to add drama to the issue...

Comments  (0)

3e35900ae6facc6c146a85c435c71d82

Lessons from LIGATT

July 10, 2011 Added by:Ben Rothke

It is the common opinion of industry experts that Evans and his company have little real knowledge beyond pedestrian hacking techniques found in plagiarized books and beginner hacking texts. LIGATT offers products that are simply bloated version of common tools such as ping and nmap...

Comments  (7)

65be44ae7088566069cc3bef454174a7

UCLA Health System Pays $865K to Settle HIPAA Violations

July 10, 2011 Added by:Rebecca Herold

“Covered entities need to realize that HIPAA privacy protections are real and OCR vigorously enforces those protections. Entities will be held accountable for employees who access protected health information to satisfy their own personal curiosity..."

Comments  (0)

37d5f81e2277051bc17116221040d51c

Phishers, Shoulder Surfers and Keyloggers

July 10, 2011 Added by:Robert Siciliano

McAfee’s most unwanted criminals include pickpockets, Trojans, and ATM skimmers, dumpster divers, spies, and wireless hackers and now phishers, shoulder surfers, and keyloggers. The key is awareness, vigilance, and investing in products and services that are designed to protect you...

Comments  (0)

959779642e6e758563e80b5d83150a9f

Using DLP to Prevent Credit Card Breaches

July 09, 2011 Added by:Danny Lieberman

PCI DSS 2.0 does not require outbound, real time or any other kind of data loss monitoring. The phrases “real time” and “data loss” don’t appear in the standard. In an informal conversation with a PCI DSS official in the region, he confessed to not even being familiar with DLP...

Comments  (0)

1789975b05c7c71e14278df690cabf26

The ABZs of Cybersecurity

July 09, 2011 Added by:Pete Herzog

The points made in this article reflect the research findings outlined in the OSSTMM 3: operational security controls, security and trust metrics, and the Moebius Defense security model where environmental protection precedes security awareness. You can find OSSTMM research at the ISECOM website...

Comments  (1)

B64e021126c832bb29ec9fa988155eaf

How to Log In to Windows Without the Password

July 08, 2011 Added by:Dan Dieterle

This process works on a fully patched and updated Windows 7 system. When I checked it last year, it also worked on all of Windows server products. Windows protects these system files from being modified when Windows is booted, but booting in Linux to alter them just takes a couple minutes at most...

Comments  (14)

69dafe8b58066478aea48f3d0f384820

Connexion Hack Team Dumps Military and Gov Accounts

July 08, 2011 Added by:Headlines

A new ad-hoc group of hacktivists calling itself "Connexion Hack Team" has published a list of email addresses associated with the US government including account information from the military, the Department of Homeland Security, the National Security Agency, and several state agencies...

Comments  (1)


« First < Previous | 290 - 291 - 292 - 293 - 294 | Next > Last »