Latest Blog Posts

69dafe8b58066478aea48f3d0f384820

EMC's Security Division Hacked

March 18, 2011 Added by:Headlines

"Our investigation has led us to believe that the attack is in the category of an APT... and revealed that the attack resulted in certain information being extracted from RSA's systems. Some of that information is specifically related to RSA's SecurID two-factor authentication products..."

Comments  (0)

9259e8d30306ac2ef4c5dd1936e67634

Seven Steps for Implementing Policies and Procedures

March 17, 2011 Added by:Dejan Kosutic

Have you ever been given the task to write a security policy or a procedure, but you don't want your document to end up gathering dust in some forgotten drawer? Here are some thoughts that might help you...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Compromises, Budgets and Nonsense

March 17, 2011 Added by:Rafal Los

There is no amount you can spend right now that can make anything better. Software Security Assurance programs, even bare-bones application security testing-only efforts take months to surgically insert into an organization. Generally, money isn't the only part of the equation that's missing...

Comments  (0)

98180f2c2934cab169b73cb01b6d7587

Payment Card Industry Data Security Standards Overview

March 17, 2011 Added by:Jon Stout

In a nutshell, the PCI DSS requires companies to build and maintain a secure network. The purpose of the PCI DSS is not only to reduce the amount of payment card fraud and identity theft, but also the costs of mitigating the institutional risks associated with those activities...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Social Media and Lone Wolf Terror Attacks

March 17, 2011 Added by:Dan Dieterle

Social media sites that is allowing terror groups to communicate, especially to singular operatives, according to The National’s coverage of a Saudi counter-terrorism conference. Of major concern was how to combat the use of social media sites to recruit and communicate with lone wolf terrorists...

Comments  (0)

850c7a8a30fa40cf01a9db756b49155a

HBGary Federal Security Fail... Again

March 17, 2011 Added by:J. Oquendo

IP based authentication is somewhat helpful, but can be hurtful. While an administrator can define who can and cannot visit locations, servers, pages, this can become a cumbersome process. It also does little against a potential client side attack where an attacker accesses a trusted machine...

Comments  (0)

0dc5fdbc98f80f9aaf2b43b8bc795ea8

Who’s NAPping on Your Network? (Part Two)

March 17, 2011 Added by:Global Knowledge

In the last post I described a high-level overview of 802.1x authentication. Now, let’s dive a bit deeper into the use of 802.1x as a foundation for Network Access Protection (NAP) enforcement of health policies in a Windows Server 2008 network infrastructure...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Twitter Offers "Always Use HTTPS" Security Feature

March 17, 2011 Added by:Headlines

The new feature allows users the option to "Always Use HTTPS". Among other security benefits, the HTTPS feature will prevent users from having their login credentials stolen by Firesheep attackers when logging in to their accounts over unencrypted Wi-Fi connections...

Comments  (0)

49afa3a1bba5280af6c4bf2fb5ea7669

IT Job Market Intel - Cutting Through the Fog

March 17, 2011 Added by:Mike Meikle

Once again, IT pros are going to have to develop significant business skills to set themselves apart from their mono-technical peers. While you may be able to capitalize on the Hot Skill Du Jour for a while, and we all have, it will continue to pay diminishing returns...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

RIM Advises BlackBerry Users to Disable JavaScript

March 17, 2011 Added by:Headlines

A successful exploit could allow the attacker to use the BlackBerry Browser to access user data stored on the media card and in the built-in media storage on the BlackBerry smartphone, but not to access user data that the email, calendar and contact applications store in the application storage...

Comments  (0)

39b6d5c1d3c6db11155b975f1b08059f

Implementing File Integrity Management (FIM)

March 17, 2011 Added by:Ron Lepofsky

If your organization is addressing data loss prevention (DLP) by minimizing the risk of damage by malicious code and by enforcing strict access controls to mitigate unauthorized access, then FIM is something you might also want to consider. FIM is monitoring all aspects of changes to key files...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Alexander Says U.S. Unprepared for Cyber Attack

March 17, 2011 Added by:Headlines

"To put it bluntly, we are very thin, and a crisis would quickly stress our cyber forces. We cannot afford to allow cyberspace to be a sanctuary where real and potential adversaries can marshal forces and capabilities to use against us and our allies. This is not a hypothetical danger..."

Comments  (0)

A88973e7d0943d295c99820ab9aeed27

Financial Trojans: Following the Money

March 16, 2011 Added by:Simon Heron

The malware is able to wait until the victim has successfully logged on to their bank before inserting itself between the browser and the bank’s website and then invisibly transferring money to some individual who believes they are working for a legitimate company...

Comments  (8)

0c4ca84ec3f3f2d57194f8e0cbd5ba85

Companies Need to be Proactive About Corporate Security

March 16, 2011 Added by:Lindsay Walker

Managing and monitoring corporate security requires a strong commitment from everyone in an organization. Systems need to be updated regularly, IT personnel need to stay up to date on new security trends and employees require ongoing training to ensure they are doing their part to help out...

Comments  (0)

7d55c20d433dd60022642d3ab77b8efb

SMB Relay and Network Scanner Attacks

March 16, 2011 Added by:Alexander Polyakov

In big corporate networks there can be some servers with software that does an automated scan of the subnet for some purpose. This scan uses an SMB protocol and, of course, NTLM authentication. If an attacker's host is in the same subnet, he can complete the relay. Attackers just need to be patient...

Comments  (0)

1789975b05c7c71e14278df690cabf26

The "Lots of Sex" Risk and Security Project

March 16, 2011 Added by:Pete Herzog

Routines make us predictable which, becomes our flaw. The problem with "patching" these flaws is that they are design features which are the product of being human. In addressing those flaws we will also ruin many of the good things about people which make them creative, social, and productive...

Comments  (8)


« First < Previous | 290 - 291 - 292 - 293 - 294 | Next > Last »