Latest Blog Posts


PCI Security Compliance Q and A with Anton Chuvakin pt2

April 26, 2011 Added by:Anton Chuvakin

Perception of electronic and digital risks does not come naturally to people – and IT managers and directors are people too. So many organizations will severely underestimate computer risks and, sadly some would pay with their very existence for this mistake...

Comments  (1)


Lawsuit Calls Out Apple Over Stealth iOS Tracking Data

April 26, 2011 Added by:Headlines

"We take issue specifically with the notion that Apple is now basically tracking people everywhere they go... If you are a federal marshal, you have to have a warrant to do this kind of thing, and Apple is doing it without one," said Aaron Mayer, attorney for the plaintiffs...

Comments  (0)


Web Application Security: Can Developers Learn Secure Coding?

April 25, 2011 Added by:kapil assudani

With a secure coding skillset missing from their primary job responsibility, and no enterprise process that introduces/enforces a secure coding process, there are really no incentives for developers to go the extra mile of introducing security into their code...

Comments  (0)


An Update On The MPLS Privacy Debate

April 25, 2011 Added by:PCI Guru

In the end, we will have to rely on the statements and representations of the carrier as to whether or not the network is private. Is this a good way to secure your organization? It is as long as your carrier never causes a problem...

Comments  (4)


Human Immune Response Model for Advanced Security Systems

April 25, 2011 Added by:Headlines

"We want the machines to take a more active part in their own protection. We want to use their brains to protect themselves, but always in the context of the policies of the system administrators and owners," said senior counselor for cyber security at the DHS Bruce McConnell...

Comments  (0)


New Update: The Social-Engineer Toolkit v1.3.5

April 25, 2011 Added by:Headlines

The Social Engineering Toolkit is a python-driven suite of custom tools which focuses on attacking the human element in penetration testing. It’s purpose is to augment and simulate social-engineering attacks and allows for effectively testing how a targeted attack may succeed...

Comments  (0)


Hackers Go After Points, Credits, and Virtual Currency

April 25, 2011 Added by:Robert Siciliano

These virtual dollars and virtual goods have real value. Virtual currency includes the points customers receive from retailers, merchants, airlines, hotels, and credit card companies through loyalty programs. These points are the second most traded currency on the planet...

Comments  (0)


WikiLeaks Releases Guantanamo Prisoner Files

April 25, 2011 Added by:Headlines

The revelations in those documents range from intelligence on the whereabouts of Al Qaeda leaders to the individual stories of often-innocent detainees to the ugly and ineffective improvisations on intelligence gathering within Guantanamo’s operations...

Comments  (0)


Warrantless Searches: Welcome To The Panopticon

April 25, 2011 Added by:Infosec Island Admin

They have the ability to conduct warrantless searches per the courts since the loosening of the laws on search and seizure in places like California and Michigan where electronic media is concerned. The net effect is that our due process rights are being eroded in an ever rapid pace...

Comments  (7)


Iran Targeted by New Computer Worm in Cyber Attack

April 25, 2011 Added by:Headlines

"Certain characteristics about the 'Stars' virus have been identified, including that it is compatible with the (targeted) system. In the initial stage, the damage is low and it is likely to be mistaken for governmental executable files..."

Comments  (1)


Defending Web Apps Against Overwhelming Odds

April 24, 2011 Added by:Rafal Los

We can all agree that there are enough *exploitable security defects* in software that virtually every organization on the planet can (and will) be broken into given enough time - so where does that leave us? More importantly, what does that have to do with cloud computing?

Comments  (0)


Audit Analytics in an FCPA Compliance Program

April 24, 2011 Added by:Thomas Fox

The laws of many countries vary in terms of the capture and correlation of ERP data and if such information can be transmitted outside a country. Such issues may be overcome with multiple servers or other hosting solutions, it also increases the difficulty of capturing such data...

Comments  (0)


Cookies and Your Privacy: Past, Present and Future

April 24, 2011 Added by:Theresa Payton

If restrictions to cookies become common place on the internet, the Internet Advertising Bureau will be forced to make major changes to the way they obtain information about internet users. This could alter the entire structure of internet advertising as we know it today...

Comments  (0)


Chinese Hackers Spear-Phishing for US Military Secrets

April 23, 2011 Added by:Dan Dieterle

What could the Chinese hope to gain? Military secrets. Along with terabytes of data that have been stolen, the Chinese also obtained login credentials and blue prints to some of America’s hi-tech military equipment...

Comments  (0)


The History Behind EIGRP

April 22, 2011 Added by:Global Knowledge

IGRP scales better than RIP, as internetworks continued to grow in size a D-V protocol such as IGRP required excessive amounts of router CPU power and link bandwidth to support periodic advertisements. To overcome these limitations, EIGRP was developed...

Comments  (0)


Five Ways to Improve Enterprise Data Security Programs

April 22, 2011 Added by:Headlines

What constitutes an acceptable level of information security risk in an environment when intellectual property, personal customer information and the brand are at stake? It’s a tough decision, but one that should be made to form the foundation of an information security program...

Comments  (0)

« First < Previous | 290 - 291 - 292 - 293 - 294 | Next > Last »