Latest Blog Posts


EMC's Security Division Hacked

March 18, 2011 Added by: Headlines

"Our investigation has led us to believe that the attack is in the category of an APT... and revealed that the attack resulted in certain information being extracted from RSA's systems. Some of that information is specifically related to RSA's SecurID two-factor authentication products..."

Comments  (0)


Seven Steps for Implementing Policies and Procedures

March 17, 2011 Added by: Dejan Kosutic

Have you ever been given the task to write a security policy or a procedure, but you don't want your document to end up gathering dust in some forgotten drawer? Here are some thoughts that might help you...

Comments  (0)


Compromises, Budgets and Nonsense

March 17, 2011 Added by: Rafal Los

There is no amount you can spend right now that can make anything better. Software Security Assurance programs, even bare-bones application security testing-only efforts, take months to surgically insert into an organization. Generally, money isn't the only part of the equation that's missing...

Comments  (0)


Payment Card Industry Data Security Standards Overview

March 17, 2011 Added by: Jon Stout

In a nutshell, the PCI DSS requires companies to build and maintain a secure network. The purpose of the PCI DSS is not only to reduce the amount of payment card fraud and identity theft, but also the costs of mitigating the institutional risks associated with those activities...

Comments  (0)


Social Media and Lone Wolf Terror Attacks

March 17, 2011 Added by: Dan Dieterle

Social media sites are allowing terror groups to communicate, especially with singular operatives, according to The National’s coverage of a Saudi counter-terrorism conference. Of major concern was how to combat the use of social media sites to recruit and communicate with lone wolf terrorists...

Comments  (0)


HBGary Federal Security Fail... Again

March 17, 2011 Added by: J. Oquendo

IP based authentication is somewhat helpful, but can be hurtful. While an administrator can define who can and cannot visit locations, servers, pages, this can become a cumbersome process. It also does little against a potential client side attack where an attacker accesses a trusted machine...

Comments  (0)


Who’s NAPping on Your Network? (Part Two)

March 17, 2011 Added by: Global Knowledge

In the last post I described a high-level overview of 802.1x authentication. Now, let’s dive a bit deeper into the use of 802.1x as a foundation for Network Access Protection (NAP) enforcement of health policies in a Windows Server 2008 network infrastructure...

Comments  (0)


Twitter Offers "Always Use HTTPS" Security Feature

March 17, 2011 Added by: Headlines

The new feature allows users the option to "Always Use HTTPS". Among other security benefits, the HTTPS feature will prevent users from having their login credentials stolen by Firesheep attackers when logging in to their accounts over unencrypted Wi-Fi connections...

Comments  (0)


IT Job Market Intel - Cutting Through the Fog

March 17, 2011 Added by: Mike Meikle

Once again, IT pros are going to have to develop significant business skills to set themselves apart from their mono-technical peers. While you may be able to capitalize on the Hot Skill Du Jour for a while, and we all have, it will continue to pay diminishing returns...

Comments  (0)


RIM Advises BlackBerry Users to Disable JavaScript

March 17, 2011 Added by: Headlines

A successful exploit could allow the attacker to use the BlackBerry Browser to access user data stored on the media card and in the built-in media storage on the BlackBerry smartphone, but not to access user data that the email, calendar and contact applications store in the application storage...

Comments  (0)


Implementing File Integrity Management (FIM)

March 17, 2011 Added by: Ron Lepofsky

If your organization is addressing data loss prevention (DLP) by minimizing the risk of damage by malicious code and by enforcing strict access controls to mitigate unauthorized access, then FIM is something you might also want to consider. FIM is monitoring all aspects of changes to key files...

Comments  (0)


Alexander Says U.S. Unprepared for Cyber Attack

March 17, 2011 Added by: Headlines

"To put it bluntly, we are very thin, and a crisis would quickly stress our cyber forces. We cannot afford to allow cyberspace to be a sanctuary where real and potential adversaries can marshal forces and capabilities to use against us and our allies. This is not a hypothetical danger..."

Comments  (0)


Financial Trojans: Following the Money

March 16, 2011 Added by: Simon Heron

The malware is able to wait until the victim has successfully logged on to their bank before inserting itself between the browser and the bank’s website and then invisibly transferring money to some individual who believes they are working for a legitimate company...

Comments  (8)


Companies Need to be Proactive About Corporate Security

March 16, 2011 Added by: Lindsay Walker

Managing and monitoring corporate security requires a strong commitment from everyone in an organization. Systems need to be updated regularly, IT personnel need to stay up to date on new security trends and employees require ongoing training to ensure they are doing their part to help out...

Comments  (0)


SMB Relay and Network Scanner Attacks

March 16, 2011 Added by: Alexander Polyakov

In big corporate networks there can be some servers with software that does an automated scan of the subnet for some purpose. This scan uses the SMB protocol and, of course, NTLM authentication. If an attacker's host is in the same subnet, he can complete the relay. Attackers just need to be patient...

Comments  (0)


The "Lots of Sex" Risk and Security Project

March 16, 2011 Added by: Pete Herzog

Routines make us predictable, which becomes our flaw. The problem with "patching" these flaws is that they are design features which are the product of being human. In addressing those flaws we will also ruin many of the good things about people which make them creative, social, and productive...

Comments  (8)
