Latest Blog Posts


The Web Application Security "White Elephants"

March 20, 2011 Added by: Rafal Los

We were both talking about things that aren't necessarily new to the security or app-dev community, but aren't being actively addressed. It hit me that there were two big white elephants in the room, and we happened to be talking about them in an open forum. Finally...


Privacy Enforcement: FTC Settles with Twitter and Chitika

March 20, 2011 Added by: David Navetta

Companies are well advised to take a proactive approach to compliance with privacy and information security laws, regulations, guidelines and best practices. The FTC expects businesses to collect, use, disclose and process personal information in a fair and transparent way...


Webinar: Can Cloud Computing Enhance HIPAA Compliance?

March 20, 2011 Added by: Jack Anderson

Free Webinar: Rebecca Herold, recently voted the #3 Best Privacy Advisor in the world, and Jack Anderson, CEO of Compliance Helper, will discuss a new use of cloud computing, or Software as a Service (SaaS) to enhance compliance and improve security and privacy...


The Ever Present Credit Card Scam

March 19, 2011 Added by: Robert Siciliano

Flaws in the system used to issue credit facilitate new account fraud, since creditors often neglect to fully vet credit applicants with technology as essential as device reputation. Account takeover requires nothing more than access to credit card numbers...


Four Fold Increase in eMail-Based Malware

March 19, 2011 Added by: Simon Heron

This increased activity is probably caused by botnet herders attempting to increase the size of their botnets, and this will probably be followed by a corresponding increase in spam levels. It might be that the recent decline in spam may be reversed...


Anonymous vs. Anonymous: Enough Hubris To Go Around

March 19, 2011 Added by: Infosec Island Admin

"A hacker startup calling itself Backtrace Security–made up of individuals who formerly counted themselves as part of Anonymous’ loose digital collective–announced plans Friday to publish identifying information on a handful of active members of Anonymous..."


Desktop Virtualization is Becoming Mainstream

March 18, 2011 Added by: Rahul Neel Mani

Research shows that more than $250 billion worth of energy per year is spent on powering computers around the world. As organizations search for practical and immediate ways to save money and reduce the IT impact on global climate change, they are increasingly turning to virtual PCs...


Foreign Business Representatives: Some Red Flags

March 18, 2011 Added by: Thomas Fox

Businesses look to the value obtained in the use of a foreign business representative. This simple economic analysis is not sufficient in the FCPA context. There should be a separate analysis on whether the foreign business representative has the substantive skills to perform the services requested...


RSA Fail - Security Lessons Unlearned

March 18, 2011 Added by: J. Oquendo

Security pros have to wonder about the security state as a whole when the founders of "two factor" key fobs take a hit. One would believe that in the event someone compromised a machine inside of RSA, their own security - two factor key fobs - would have prevented escalation between other machines...


Privacy International Warns of Skype Security Concerns

March 18, 2011 Added by: Headlines

"If the company cannot address and resolve these issues for those who are seeking secure communications, then vulnerable users will continue to be exposed to avoidable risks. Skype's misleading security assurances continue to expose users around the world to unnecessary and dangerous risk..."


Why Do Companies Hide From Privacy Regulations?

March 18, 2011 Added by: Andrew Weidenhamer

If you don’t know what processes take PII, you don't know what type of PII you are taking. If you don’t know what PII you are taking, then you don’t know what regulations to adhere to. If you do not know what regulations you need to adhere to, then you will not know what controls are required...


Microsoft Instrumental in the Rustock Botnet Take Down

March 18, 2011 Added by: Headlines

Microsoft provided documentation that detailed the botnet's extensive structure in a federal court filing. Acting on the information, federal marshals raided several internet hosting providers across the U.S. and seized servers suspected of being used as command and control units...


Beware of Erasure Problems on SSD Drives

March 18, 2011 Added by: Brent Huston

The traditional methods of magnetic cleansing (degaussing), and even file over-write tools that have been in use now for decades in many organizations, have little to no effect on removing sensitive data on these solid state drives...


EMC's Security Division Hacked

March 18, 2011 Added by: Headlines

"Our investigation has led us to believe that the attack is in the category of an APT... and revealed that the attack resulted in certain information being extracted from RSA's systems. Some of that information is specifically related to RSA's SecurID two-factor authentication products..."


Seven Steps for Implementing Policies and Procedures

March 17, 2011 Added by: Dejan Kosutic

Have you ever been given the task to write a security policy or a procedure, but you don't want your document to end up gathering dust in some forgotten drawer? Here are some thoughts that might help you...


Compromises, Budgets and Nonsense

March 17, 2011 Added by: Rafal Los

There is no amount you can spend right now that can make anything better. Software Security Assurance programs, even bare-bones application security testing-only efforts take months to surgically insert into an organization. Generally, money isn't the only part of the equation that's missing...
