Latest Blog Posts

69dafe8b58066478aea48f3d0f384820

The Global CyberLympics Ethical Hacking Challenge

August 25, 2011 Added by:Headlines

The Global CyberLympics - the world’s first international team ethical hacking championships - will be held in September across six continents. It is endorsed by the U.N.’s cybersecurity executing arm – IMPACT - and the EC-Council is sponsoring over $400,000 worth of prizes...

Comments  (0)

8fcd3af85e00d8db661be6a882c6442b

Why Data Centers Don't Need SSAE 16

August 24, 2011 Added by:david barton

I agree that DCs provide certain fundamental general controls that may impact the systems that are maintained there. But even those general controls do not constitute Internal Controls over Financial Reporting (ICFR) which is clearly a requirement for performing a SOC 1 (SSAE 16) review...

Comments  (9)

8c4834b99847b9f7c9ee94b45df086f9

The Dangers of Second Hand Hard Drives

August 24, 2011 Added by:Emmett Jorgensen

Whether you are planning on selling, recycling or throwing away your old hard drives, you should always consider using one of these solutions: destruction, degaussing, or secure data erasure. Otherwise, there's no telling whose hands you data may end up in...

Comments  (2)

F29746c6cb299c1755e4087e6126a816

Yale Gets Google Dorked

August 24, 2011 Added by:Kelly Colgan

Knowing where your data is located, what are the access control mechanisms, and having an audit process to verify that resources are properly used, is generally part of every cyber risk program. When one of them fails, a data breach is inevitable...

Comments  (0)

37d5f81e2277051bc17116221040d51c

What Identity Theft Protection Is and Is Not

August 24, 2011 Added by:Robert Siciliano

A true identity theft protection service monitors your identity by checking credit reports and scanning the Internet for your personal information. It looks out for your Social Security number, and if something goes wrong, has people who’ll work with you to resolve the problem...

Comments  (2)

69dafe8b58066478aea48f3d0f384820

Black Hat USA 2011 Presenters - A Live Webcast

August 24, 2011 Added by:Headlines

The organizers of the Black Hat USA 2011 conference which took place earlier this month are inviting those who attended and those who missed the event to join them for a live webcast featuring some of the conference's speakers. The free webcast airs on Thursday, Aug 25, 2011...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

EC-Council Certified Ethical Hacker v7 Discounts

August 24, 2011 Added by:Infosec Island Admin

Receive up to a 20% discount on the EC-Council Certified Ethical Hacker v7 course. Students will learn how intruders escalate privileges, what steps can be taken to secure a system, Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Caveman to Spaceman - Evolutionary Stages of Infosec

August 24, 2011 Added by:Rafal Los

We've given up on the notion of securing things and are starting to focus on the idea that security is a journey, and while we're keeping things safe to a pre-defined level of risk tolerance, we need to minimize the damage when the bad people find their ways in and start to kick down doors...

Comments  (2)

69dafe8b58066478aea48f3d0f384820

Consumers Still Prefer Convenience Over Security

August 24, 2011 Added by:Headlines

"Any change to the way a customer accesses their account is going to take a while to get used to. But this small extra step delivers such an increase in security to our internet banking users, that we are confident we have got the balance right," an HSBC official said...

Comments  (4)

959779642e6e758563e80b5d83150a9f

Message Queuing Insecurity

August 24, 2011 Added by:Danny Lieberman

Well placed attacks on message queues in an intermediary player, for example a payment clearing house, could result in the inability of the processor to clear transactions but also serve as an entry point into upstream and downstream systems. These attacks can and do cascade...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Zeus Trojan Spreading via Facebook Friend Requests

August 24, 2011 Added by:Headlines

The malware is spreading by sending messages through Facebook notifications. When a user clicks the link to approve a "friend" request it opens a page that invites him to install the what is purported to be the latest version of Adobe Flash Player, but actually installs the malware...

Comments  (0)

4085079c6fe0be2fd371ddbac0c3e7db

Red Hat 5 STIG: Network Settings

August 23, 2011 Added by:Jamie Adams

I would caution administrators from rushing to add all because most are defaults. The settings must be implicitly set in the sysctl.conf config file. My recommendation is to review the entire STIG in order to define a complete sysctl.conf file, so that it can be deployed and tested all at once...

Comments  (0)

B32b392ce3a707f05f4838c48c67d9cf

Sentence Your Password

August 23, 2011 Added by:Christopher Hudel

One risk is that by telling people to "Sentence their password", they may be steered unconsciously to create sentences that make sense which will significantly weaken the power of apparently random words. And of course, apparently random words may ultimately prove not to be too random...

Comments  (0)

4c1c5119b03285e3f64bd83a8f9dfeec

Microsoft and Amazon Outages – The Need for More Redundancy

August 23, 2011 Added by:Ben Kepes

I’ll not delve into the issues around failover – clearly the lightning strike was a catastrophic event that overcame the protection that both providers have against upstream events. But imagine an uber-catastrophic event that knocked out the entire Dublin Amazon data center...

Comments  (0)

37d5f81e2277051bc17116221040d51c

Mobile Banking More Secure than PC E-Commerce?

August 23, 2011 Added by:Robert Siciliano

Over the past decade criminals have learned the ins and outs of exploiting online banking using PC’s. In the past 15 years or so, the desktop computer has been hacked in every possible way, making the computer and the data it contains and transmits extremely vulnerable to fraud...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

A Look Inside the Anonymous DDoS Attack Code

August 23, 2011 Added by:Headlines

"Many think of DDoS as a computer network such as a bot network of rogue or infected machines which carry out the orders of whoever controls them. In the case of this specific code, Anonymous only needed to control a single system to begin the attack. The rest is carried out by unwitting accomplices..."

Comments  (0)


« First < Previous | 290 - 291 - 292 - 293 - 294 | Next > Last »