Latest Blog Posts

B64e021126c832bb29ec9fa988155eaf

Chinese Hackers Spear-Phishing for US Military Secrets

April 23, 2011 Added by:Dan Dieterle

What could the Chinese hope to gain? Military secrets. Along with terabytes of data that have been stolen, the Chinese also obtained login credentials and blue prints to some of America’s hi-tech military equipment...

Comments  (0)

0dc5fdbc98f80f9aaf2b43b8bc795ea8

The History Behind EIGRP

April 22, 2011 Added by:Global Knowledge

IGRP scales better than RIP, as internetworks continued to grow in size a D-V protocol such as IGRP required excessive amounts of router CPU power and link bandwidth to support periodic advertisements. To overcome these limitations, EIGRP was developed...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Five Ways to Improve Enterprise Data Security Programs

April 22, 2011 Added by:Headlines

What constitutes an acceptable level of information security risk in an environment when intellectual property, personal customer information and the brand are at stake? It’s a tough decision, but one that should be made to form the foundation of an information security program...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Hackers Overtake Insiders as Leading Cause of Data Loss

April 22, 2011 Added by:Headlines

The responsibility for protecting personal identifying information is on those who request and store it. All entities that collect personal information need to understand the concept that only they can safeguard our information, and that this safeguarding must be an urgent priority...

Comments  (1)

37d5f81e2277051bc17116221040d51c

Software Security Incidents Cost an Average $300,000

April 22, 2011 Added by:Robert Siciliano

Enterprises must move from technological security silos to enterprise security intelligence. This can be achieved through the interaction of different technologies as well as contextual analyses of integrated security and business information...

Comments  (1)

Ebb72d4bfba370aecb29bc7519c9dac2

PCI Security Compliance: Q and A with Anton Chuvakin

April 22, 2011 Added by:Anton Chuvakin

PCI DSS and other PCI standards were intended as a baseline set of security practices, not as a comprehensive, upper limit on security. For various reasons, it is hard for many organizations to understand that. What results is a false sense of security and a mistaken sense of betrayal...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Skype Fixes Critical Android Application Vulnerability

April 22, 2011 Added by:Headlines

"After a period of developing and testing we have released a new version of the Skype for Android application onto the Android Market, containing a fix to the vulnerability reported to us. Please update to this version as soon as possible in order to help protect your information..."

Comments  (0)

67a9d83011f3fbb2cf8503aff453cc24

Information Security Risk Management Programs Part 3

April 21, 2011 Added by:kapil assudani

Business use cases must be consumed by the IT group to build functional/non-functional requirements. Security mis-use cases in their remediated language turn into functional/non-functional requirements. If security is engaged - we translate them into detailed technical requirements...

Comments  (0)

A7290c5bd7bc2aaa7ea2b6c957ef639b

SEC Fines Executives for Privacy and Security Violations

April 21, 2011 Added by:David Navetta

Companies have to assess the adequacy of their privacy and data security practices, including understanding the privacy and data security legal requirements that could impact the company’s business, ensuring that the company’s practices are consistent with those requirements...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

DoD Plans Comprehensive Cyber Security Strategy

April 21, 2011 Added by:Headlines

Despite continued debate by security experts as to whether the concept of "cyber warfare" appropriately describes military actions conducted in an electronic medium, the Pentagon is moving forward with a declaration that cyberspace will be considered an operational domain...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Nuclear Research Facility Lacks Adequate Cyber Security

April 21, 2011 Added by:Headlines

"Without improvements, the weaknesses identified may limit program and site-level officials' ability to make informed risk-based decisions that support the protection of classified information and the systems on which it resides," a federal audit concluded...

Comments  (0)

7e364bbac217114a59e547b354e7f7ad

Let’s Go with the Web Application Scan... It's Cheaper

April 21, 2011 Added by:Gary McCully

Many times, when choosing a Web Application Assessment, a company will choose the cheapest Assessment available without understanding the Pros and Cons of each Web Application Security Assessment. It is important to realize the fact that the cheapest option is not always the best option...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

MSP Statement on Use of Cell Phone Data Extraction Devices

April 21, 2011 Added by:Headlines

Infosec Island received a Twitter message from the Michigan State Police regarding an article about the MSP using data extraction devices to collect information from cell phones of motorists detained for minor traffic infractions. The official statement from the MSP is as follows...

Comments  (0)

29fb4966bdfcfff5545ae464c771071b

Is the NSTIC Strategy for a Passwordless System Viable?

April 21, 2011 Added by:Gurudatt Shenoy

Considering the acknowledgement by the White House itself that their own technology is pretty outdated at 10 years old, what hope is there that an elephant such as the government would move fast enough to provide a universal identity for Americans, one that would be truly universal?

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Hidden iOS File Records Tracking Information

April 21, 2011 Added by:Headlines

"Anyone who gains access to this single file could likely determine the location of the user's home, the businesses he frequents, the doctors he visits, the schools his children attend, and the trips he has taken over the past months or even a year..."

Comments  (2)

7fef78c47060974e0b8392e305f0daf0

The Thousand Grains of Sand in the Electronic Age

April 20, 2011 Added by:Infosec Island Admin

Over the years the Chinese have made it their business to steal a lot of data. Some of it you would readily see as important militarily or for industrial espionage, but some of the data is much more arcane as to the reasons why they would make the efforts that they do to get it...

Comments  (2)


« First < Previous | 290 - 291 - 292 - 293 - 294 | Next > Last »