Latest Blog Posts


Congress to Use Skype Despite Security Concerns

June 29, 2011 Added by:Headlines

Members of Congress will now be allowed to use Skype video conferencing on government networks. The announcement comes on the heels of revelations that Microsoft had filed a application in 2009 seeking to patent technology that allows for surreptitious recording of Skype transmissions...

Comments  (0)


Federating Identity by Twitter - Am I Just Too Paranoid?

June 29, 2011 Added by:Rafal Los

When I go to see my stats I get this lovely looking pop-up box asking me to provide my Twitter credentials, and telling me all about what capabilities this app will have once is has access to my profile. Maybe I'm just entirely too paranoid - but what to you think... would you allow this?

Comments  (1)


Google is Your Friend - If You're a Lulzer

June 29, 2011 Added by:Kevin McAleavey

There are exploit GUI's readily available for PostgreSQL, MSSQL and Oracle as well as lesser and older databases. If it's there, and they can find it, and they can talk to it, and you're not properly filtering what can get to it, your site could very well be the next breaking news story...

Comments  (5)


Phishing Ring Leader Sentenced to Thirteen Years

June 29, 2011 Added by:Headlines

Operation Phish Phry revealed how Egyptian hackers obtained account numbers and personal identification information from bank customers through phishing — a technique that involves sending e-mail messages that appear to be official correspondence from banks or credit card vendors...

Comments  (0)


LulzSec Spree Sparks DHS Response

June 28, 2011 Added by:Ron Baklarz

In the wake of the recent LulzSec 50 day hacking spree that left many high profile companies and organizations scrambling, DHS released "detailed guidance" on the top 25 vulnerabilities. The "Common Weakness Enumeration" list was developed in collaboration among DHS, Mitre, and SANS...

Comments  (1)


Hey You, Get Off of the iCloud

June 28, 2011 Added by:Kelly Colgan

Recent cloud-based data breaches have solidified the notion of cloud-insecurity in the consumers' mind. My concern with the iCloud is that Apple, which has mastered the art of slick marketing, could make the American consumer a whole lot less skeptical, and a whole lot less secure...

Comments  (0)


Microsoft: WebGL is Too Dangerous to Support

June 28, 2011 Added by:Bill Gerneglia

If there is one thing that Microsoft knows well, it is security holes in operating systems and device drivers. They have been heavily engaged in finding complex engineering solutions to solve some of the most difficult security compromises for more than 20 years. We should all listen to this warning...

Comments  (0)


Fraudulent Credit Applications Start with the Device

June 28, 2011 Added by:Robert Siciliano

Device fingerprinting coupled with the device’s reputation and risk profile helps identify the bad guys in the acquisition channel, so you don’t have to rely on other fraud detection tools that drive up the cost to decision an application...

Comments  (0)


Expect More Internet Anarchy with Dawn of School4lulz

June 28, 2011 Added by:Headlines

By concentrating on instruction and inspiration, the leadership of these now infamous hacker networks can effectively remove themselves as primary targets for law enforcement and anti-AntiSec hackers, and instead encourage their less-savvy teen minions to commit attacks and take the heat...

Comments  (7)


What the CISSP Won't Teach You

June 28, 2011 Added by:Boris Sverdlik

Information security unlike other industries does not sleep; I personally spend 3+ hours a day just learning what I can. Technology, regulations and attack methods change every day. If you don’t stay ahead of it, you will end up with pie on your face when you get hit with the latest New Thing...

Comments  (4)


Critics Rip White House Cybersecurity Proposal

June 28, 2011 Added by:Headlines

"Virtually everybody gets breached. If you're going to have these advanced persistent threat guys come after you, they're going to get into your system. If you're going to make that the line, and then you're subject to these name-and-shame penalties, I think that would be a mistake..."

Comments  (0)


LulzSec Disbands: The Attacks Live On

June 28, 2011 Added by:Andrew Herlands

In the end, no single technology will prevent all attacks from succeeding. Security best practices dictate implementing layers of security defenses, policies, and employee training to ensure that when one defense fails the hacker must contend with many other defense layers...

Comments  (0)


EFF Releases 'Know Your Digital Rights' Guide

June 28, 2011 Added by:Headlines

"Sometimes police can search your computer whether you like it or not, but sometimes they can't. We wrote this guide to help you tell the difference and to empower you to assert your rights when the police come knocking..."

Comments  (0)


Protecting Linux Against DoS/DDoS Attacks

June 27, 2011 Added by:Jamie Adams

When I first heard ridiculous-sounding terms like smurf attack, fraggle attack, Tribal Flood Network (TFN), Trinoo, TFN2K, and stacheldraht, I didn't take them too seriously for a couple of reasons — I worked mainly on non-Internet facing systems, and I was never a victim...

Comments  (0)


Where is the Focus on Randomness in Cryptography?

June 27, 2011 Added by:Emmett Jorgensen

The risk in using an RNG that is not truly random stems from the ability of an attacker analyzing the encrypted data and potentially discovering patterns to the encryption. This could allow some type of reverse engineering of the encrypted data or keys...

Comments  (2)


The Legal Implications of Social Networking

June 27, 2011 Added by:David Navetta

Companies are stampeding to exploit social networking. Many legal issues could increase the risk and liability potential of an organization employing a social media strategy. In this multi-part series the InfoLawGroup will identify and explore the legal implications of social media...

Comments  (0)

« First < Previous | 290 - 291 - 292 - 293 - 294 | Next > Last »