Latest Blog Posts


Turkish Takedown Thursday: New Anonymous Attack

July 07, 2011 Added by: Headlines

"Our vessel recently encountered a Turkish Government frigate, a chance we could not let pass. So we simply boarded their vessel (no need to fire any cannons, mind you, they never found out what happened until just now) and collected some booty..."



What to Do When You Get a Data Breach Letter

July 07, 2011 Added by: Kelly Colgan

A day doesn’t go by when we read news of a data breach at a major company, healthcare facility or financial institution. Epsilon, Sony and now Morgan Stanley are good examples. What do you do when a data breach notification letter lands in your mailbox? The short answer: Don’t panic...



Infosec Island Call for Interviews at Black Hat Vegas

July 07, 2011 Added by: Infosec Island Admin

Infosec Island will be conducting a series of short video interviews with select presenters and vendors at the Black Hat USA 2011 conference in Las Vegas, NV. The interviews offer the opportunity for subjects to highlight their knowledge of emerging trends in the information security field...



Risk Management and Compliance – Finally Coming Together?

July 07, 2011 Added by: Neira Jones

Compliance is about providing evidence that controls are in place and is a tactical exercise to ensure business continuity. However, it is not inherently risk aware or economically sensitive. Too much emphasis on compliance can actually increase risk by giving a false sense of security...



Defense Research Labs Targeted in Attacks

July 07, 2011 Added by: Headlines

"The good news is no classified information has been compromised or is in danger from this attack. At this time, we have not found any indication of 'exfiltration' of information from our unclassified networks as well," said PNNL spokesman Greg Koller...



How to Deal With Insider Threats

July 06, 2011 Added by: Dejan Kosutic

Insider threats will remain the biggest risk to the security of information - the complexity of systems and amount of data will only increase this threat in time. And the best way to deal with them is to prevent them - once they happen, you can only hope they won't go too far...



The Benefits of FUD

July 06, 2011 Added by: Emmett Jorgensen

Fear, Uncertainty, and Doubt. Enemy of skeptic IT Pros, ally of marketers. Why do infosec pros talk about FUD in a negative light? Granted, some vendors push the FUD aspects of their marketing a bit too much. However, I think a little FUD can be a healthy thing. Let me explain...



HIPAA: Rx For End-User Device Risks

July 06, 2011 Added by: Konrad Fellmann

Basically, if electronic PHI data is encrypted, purged, or physically destroyed before it is inadvertently disclosed, then it doesn’t count as a breach. If the information is protected in a way that it can’t be obtained by an unauthorized individual then you’re safe...



Evaluating the Cloud-Based Services Option Part II

July 06, 2011 Added by: Mike Meikle

Risk Management becomes a factor in determining if a Cloud solution is a viable choice. Businesses have to weigh the risk of moving a service or application to the Cloud against the potential for profit or savings. Risk management will have to educate the executives on the ramifications...



Data Breaches Are Up While Lost Records Are Down

July 06, 2011 Added by: Robert Siciliano

There are now multiple breach lists, and not all define a data breach the same way. According to the Identity Theft Resource Center, there were at least 662 data breaches in 2010, which exposed more than 16 million records. Nearly two-thirds of breaches exposed Social Security numbers...



Anonymous Remains Defiant in Wake of Italian Arrests

July 06, 2011 Added by: Headlines

"Anonymous is present and fights on, like it did in the past and will in the future, for the freedom of the internet. Italy Anonymous calls all citizens of the internet and the international Anonymous [movement]: We need you! Let them have it, stronger than ever...."



Wizard-Driven Software Security Testing

July 06, 2011 Added by: Rafal Los

The technology available today for testing your applications is quite complex, but many folks simply want to push the "magic security button" and get fast, accurate results. That's simply impossible, but the requirements continue to demonstrate this want. So what do we do?



McAfee: Attacks on South Korea Likely Cyberwar Exercise

July 06, 2011 Added by: Headlines

"This may have been a test of South Korea’s preparedness to mitigate cyberattacks, possibly by North Korea or their sympathizers... the attack itself was very limited and may have been utilized to test and observe how quickly the attack would be discovered, reverse engineered, and mitigated..."



Metasploit Payloads Explained - Part 1

July 06, 2011 Added by: Rob Fuller

The structure of most payloads tells you exactly what they do, but not always. If it says in the description that it's 'Inline' that means it is a single, if it says 'Stager' that means it's staged. Let's break a few of the lesser known ones down...



Morgan Stanley Reports Customer Data Breach

July 06, 2011 Added by: Headlines

"The sensitive information on the password-protected CD-ROMs included names, addresses, Social Security numbers, Morgan Stanley Smith Barney account numbers and income earned on tax exempt bonds or funds you hold or held in 2010..."



What the CISSP Won't Teach You - Part Trois

July 05, 2011 Added by: Boris Sverdlik

A dedicated attacker will not scour pastebin to get your password, although “inurl: password” used to be a common attack vector. More common amongst the dedicated attacker is getting as much background information as possible as an attacker builds the dossier on their target...

