Latest Blog Posts

7fef78c47060974e0b8392e305f0daf0

Cybersecurity Foundations Training Course Discount

August 08, 2011 Added by:Infosec Island Admin

Receive up to a $500 discount on the Cybersecurity Foundations course offered by Global Knowledge through the ISLAND TRADEWINDS program - Investigate cybersecurity threats and master techniques needed to protect your network...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

DEFCON Panel: Anonymous and LulzSec Are Everywhere

August 08, 2011 Added by:Headlines

“We have an opportunity to not just cause chaos, but to cause organized chaos. I’m suggesting the actions in pursuit of their own goal compromise their goal. There’s a way to render more specific what they want to accomplish," said panelist Josh Corman, research director at the 451 Group...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Encrypting the Web with HTTPS Everywhere

August 08, 2011 Added by:Headlines

"Your online reading habits and activities are vulnerable to eavesdropping, and your accounts are vulnerable to hijacking... Electronic Frontier Foundation created HTTPS Everywhere to make it easier for people to keep their user names, passwords, and browsing histories secure and private..."

Comments  (0)

8c4834b99847b9f7c9ee94b45df086f9

Talk of Password Demise Greatly Exaggerated

August 08, 2011 Added by:Emmett Jorgensen

Overall criminals and blackhat hackers have a variety of tools at their disposal to overcome passwords and encryption. But this doesn’t mean that passwords are obsolete. On the contrary, if used properly they are still incredibly effective at protecting our data...

Comments  (1)

69dafe8b58066478aea48f3d0f384820

EastWest Institute Report on World Cybersecurity Summit

August 08, 2011 Added by:Headlines

“Cyber threats have taken on a new dimension over the last year, from Wikileaks and Stuxnet to large-scale theft of customer data... Despite new countermeasures, we are not winning the war on cyber crime. We need stronger policies to protect our digital economy..."

Comments  (0)

850c7a8a30fa40cf01a9db756b49155a

That Shady Rat Was Only a Security Peer

August 07, 2011 Added by:J. Oquendo

After reading about the APT called Shady Rat I shrugged my shoulders and said so what. Why are ten year old attacks and tools still a problem? The answer is simple: Many companies and their staff are under-qualified, incompetent, uneducated, all of the above, or just don't care about security...

Comments  (17)

7c5c876d1933023ac375eead04302e1a

Black Hat USA 2011, ISC2 and the Shady Rat

August 07, 2011 Added by:Boris Sverdlik

Information Security is a funny animal, what other industry can you mass market something that does absolutely nothing and have the product sell itself due to marketing? Why wouldn't you throw sex into the mix? All I can say is... RIGHT ON McAfee! Next year get some unicorns with boobs...

Comments  (0)

37d5f81e2277051bc17116221040d51c

Why Complex Device Identification Isn’t Enough

August 07, 2011 Added by:Robert Siciliano

“Complex device identification” is more sophisticated. This security technique relies on disposable, one-time cookies, and creates a complex digital fingerprint based on characteristics including PC configuration, Internet protocol addresses, and geolocation...

Comments  (0)

Ebb72d4bfba370aecb29bc7519c9dac2

On SIEM Services

August 06, 2011 Added by:Anton Chuvakin

When a SIEM vendor tries to sell you services, it is NOT vendor greed – but simply common sense. And if you say “no”, it is not “saving money” – but being stupid. SIEM success out-of-the-box, while real in some cases, is a pale shadow of what a well-thought through deployment looks like...

Comments  (0)

59d9b46aa00c70238bb89056cfeb96c0

How Cyrano de Bergerac Portends the Compliance Assessment

August 06, 2011 Added by:Thomas Fox

Enhanced Compliance Obligations build upon concepts which have been articulated for some time. By utilizing the annual compliance assessment a company more nimbly move towards a best practices program by determining if it currently has these concepts incorporated into the program...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Infosec Island's Scot Terban Replaces Aaron Barr at DEFCON

August 05, 2011 Added by:Headlines

"I look forward to talking about the hubris of LulzSec, Aaron Barr, and Anonymous as well as discuss the issues surrounding them. Cyber activism (hacktivism) is in its infancy and will likely turn into the next level of terrorism," Terban told Infosec Island...

Comments  (1)

E973b16363b3de77b360563237df7e32

Information Systems Security as a Profession

August 04, 2011 Added by:Bozidar Spirovski

If you’re considering a career in IS security, you’ll find job openings in a variety of related areas. Security specialists may be found in each of the following BLS occupational groups, and often enjoy salaries in excess of $100,000 per year...

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Using Trust Maps to Manage Critical Systems

August 04, 2011 Added by:Brent Huston

The purpose of a trust map is to graphically demonstrate trust between components of your organization. It is a graphic of how authentication occurs, what systems share accounts and what systems trust other systems in an environment. Done properly, they become a powerful tool with a real payoff...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Researchers Break Military Chip Encryption Keys

August 04, 2011 Added by:Dan Dieterle

In the attack, power use is monitored during the power up sequence of the chip. As it is powered up, the chip accesses a key used to decrypt the configuration data file and data stream. By analyzing the power used, the team was able to decrypt the key...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

PLC Controlers, Stuxnet, and Kinetic Attacks: Black Hat 2011

August 04, 2011 Added by:Infosec Island Admin

Today we have a hacker community out there able to get their hands on code easily and even perhaps the PLC systems themselves to create even more exploits. Add to this that many SCADA systems have been connected to the Internet (as they should NEVER BE) ripe for attack and we have a big problem...

Comments  (1)

B451da363bb08b9a81ceadbadb5133ef

Native Auditing In Modern Relational Database Management

August 03, 2011 Added by:Alexander Rothacker

Modern databases provide powerful built-in auditing capabilities that are often underestimated. There are downsides of native auditing like the ability for a malicious user to manipulate the audit trail. Overall, this feature allows customers to monitor database activity at a very granular level...

Comments  (3)


« First < Previous | 290 - 291 - 292 - 293 - 294 | Next > Last »