Latest Blog Posts


The Global CyberLympics Ethical Hacking Challenge

August 25, 2011 Added by:Headlines

The Global CyberLympics - the world’s first international team ethical hacking championships - will be held in September across six continents. It is endorsed by the U.N.’s cybersecurity executing arm – IMPACT - and the EC-Council is sponsoring over $400,000 worth of prizes...

Comments  (0)


Why Data Centers Don't Need SSAE 16

August 24, 2011 Added by:david barton

I agree that DCs provide certain fundamental general controls that may impact the systems that are maintained there. But even those general controls do not constitute Internal Controls over Financial Reporting (ICFR) which is clearly a requirement for performing a SOC 1 (SSAE 16) review...

Comments  (9)


The Dangers of Second Hand Hard Drives

August 24, 2011 Added by:Emmett Jorgensen

Whether you are planning on selling, recycling or throwing away your old hard drives, you should always consider using one of these solutions: destruction, degaussing, or secure data erasure. Otherwise, there's no telling whose hands you data may end up in...

Comments  (2)


Yale Gets Google Dorked

August 24, 2011 Added by:Kelly Colgan

Knowing where your data is located, what are the access control mechanisms, and having an audit process to verify that resources are properly used, is generally part of every cyber risk program. When one of them fails, a data breach is inevitable...

Comments  (0)


What Identity Theft Protection Is and Is Not

August 24, 2011 Added by:Robert Siciliano

A true identity theft protection service monitors your identity by checking credit reports and scanning the Internet for your personal information. It looks out for your Social Security number, and if something goes wrong, has people who’ll work with you to resolve the problem...

Comments  (2)


Black Hat USA 2011 Presenters - A Live Webcast

August 24, 2011 Added by:Headlines

The organizers of the Black Hat USA 2011 conference which took place earlier this month are inviting those who attended and those who missed the event to join them for a live webcast featuring some of the conference's speakers. The free webcast airs on Thursday, Aug 25, 2011...

Comments  (0)


EC-Council Certified Ethical Hacker v7 Discounts

August 24, 2011 Added by:Infosec Island Admin

Receive up to a 20% discount on the EC-Council Certified Ethical Hacker v7 course. Students will learn how intruders escalate privileges, what steps can be taken to secure a system, Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation...

Comments  (0)


Caveman to Spaceman - Evolutionary Stages of Infosec

August 24, 2011 Added by:Rafal Los

We've given up on the notion of securing things and are starting to focus on the idea that security is a journey, and while we're keeping things safe to a pre-defined level of risk tolerance, we need to minimize the damage when the bad people find their ways in and start to kick down doors...

Comments  (2)


Consumers Still Prefer Convenience Over Security

August 24, 2011 Added by:Headlines

"Any change to the way a customer accesses their account is going to take a while to get used to. But this small extra step delivers such an increase in security to our internet banking users, that we are confident we have got the balance right," an HSBC official said...

Comments  (4)


Message Queuing Insecurity

August 24, 2011 Added by:Danny Lieberman

Well placed attacks on message queues in an intermediary player, for example a payment clearing house, could result in the inability of the processor to clear transactions but also serve as an entry point into upstream and downstream systems. These attacks can and do cascade...

Comments  (0)


Zeus Trojan Spreading via Facebook Friend Requests

August 24, 2011 Added by:Headlines

The malware is spreading by sending messages through Facebook notifications. When a user clicks the link to approve a "friend" request it opens a page that invites him to install the what is purported to be the latest version of Adobe Flash Player, but actually installs the malware...

Comments  (0)


Red Hat 5 STIG: Network Settings

August 23, 2011 Added by:Jamie Adams

I would caution administrators from rushing to add all because most are defaults. The settings must be implicitly set in the sysctl.conf config file. My recommendation is to review the entire STIG in order to define a complete sysctl.conf file, so that it can be deployed and tested all at once...

Comments  (0)


Sentence Your Password

August 23, 2011 Added by:Christopher Hudel

One risk is that by telling people to "Sentence their password", they may be steered unconsciously to create sentences that make sense which will significantly weaken the power of apparently random words. And of course, apparently random words may ultimately prove not to be too random...

Comments  (0)


Microsoft and Amazon Outages – The Need for More Redundancy

August 23, 2011 Added by:Ben Kepes

I’ll not delve into the issues around failover – clearly the lightning strike was a catastrophic event that overcame the protection that both providers have against upstream events. But imagine an uber-catastrophic event that knocked out the entire Dublin Amazon data center...

Comments  (0)


Mobile Banking More Secure than PC E-Commerce?

August 23, 2011 Added by:Robert Siciliano

Over the past decade criminals have learned the ins and outs of exploiting online banking using PC’s. In the past 15 years or so, the desktop computer has been hacked in every possible way, making the computer and the data it contains and transmits extremely vulnerable to fraud...

Comments  (0)


A Look Inside the Anonymous DDoS Attack Code

August 23, 2011 Added by:Headlines

"Many think of DDoS as a computer network such as a bot network of rogue or infected machines which carry out the orders of whoever controls them. In the case of this specific code, Anonymous only needed to control a single system to begin the attack. The rest is carried out by unwitting accomplices..."

Comments  (0)

« First < Previous | 290 - 291 - 292 - 293 - 294 | Next > Last »