Latest Blog Posts


High Fashion, Low Security - Part Duex

August 25, 2011 Added by:David Martinez

I spy serious SQL issues… I had the hashes for the admins table, info from the customers table, as well as the full output of the transactions and users tables, which included MD5 hashes of CC numbers. The hashes were all 64-bits from a MySQL db, which means they were probably SHA256...

Comments  (0)


Reducing Your Digital Footprint

August 25, 2011 Added by:Jim Palazzolo

As individuals use certain resources such as cell phones or GPS devices, they leave behind information which is considered to be a part of their digital footprint. In this essay the writer conveys countermeasures that can be used to evade or reduce an individual's digital footprint...

Comments  (0)


DHS: Natural Disasters Fostering Social Engineering

August 25, 2011 Added by:Headlines

The DHS's National Cybersecurity and Communications Integration Center (NCCIC) is warning that malicious users may seek to exploit interest related to physical events such as earthquakes and hurricanes by generating phishing emails with subject lines related to the incidents...

Comments  (0)


DHS: Hurricane Irene Critical Infrastructure Conference Call

August 25, 2011 Added by:Headlines

Friday, August 26, 2011 from 12:00 p.m. – 1:00 p.m. EDT: The purpose of the call is to update partners on DHS IP Hurricane Irene planning and preparation activities, procedures, and capabilities should the hurricane make landfall and significantly impact critical infrastructure operations...

Comments  (0)


Another Suspected Anonymous Member Arrested in UK

August 25, 2011 Added by:Headlines

Scotland Yard has announced the arrest of Peter David Gibson, 22, on charges that the student participated in distributed denial of service (DDoS) attacks organized by the rogue hacktivist group Anonymous, particularly an attack on the online payment processor PayPal late last year...

Comments  (0)


End of the Annual Compliance Training Flea Dip

August 25, 2011 Added by:Thomas Fox

Compliance and ethics training should be integrated into more routine employee training rather than stand-alone compliance and ethics training. The more innovative component of Nortz’s suggestions revolves around employee involvement and follow-up...

Comments  (0)


Federal Judge Calls Geolocation Tracking Orwellian

August 25, 2011 Added by:Headlines

“While the government’s monitoring of our thoughts may be the archetypical Orwellian intrusion, the government’s surveillance of our movements over a considerable time period through new technologies... puts our country far closer to Oceania than our Constitution permits...”

Comments  (0)


A Carrot for Chip and PIN

August 25, 2011 Added by:PCI Guru

EMV and contactless technologies do not entirely solve the fraud problem. While they minimize fraud in the case of card present transactions, they do not even address fraud in card not present transactions. And it is in card not present transactions where fraud is most prevalent...

Comments  (0)


The Global CyberLympics Ethical Hacking Challenge

August 25, 2011 Added by:Headlines

The Global CyberLympics - the world’s first international team ethical hacking championships - will be held in September across six continents. It is endorsed by the U.N.’s cybersecurity executing arm – IMPACT - and the EC-Council is sponsoring over $400,000 worth of prizes...

Comments  (0)


Why Data Centers Don't Need SSAE 16

August 24, 2011 Added by:david barton

I agree that DCs provide certain fundamental general controls that may impact the systems that are maintained there. But even those general controls do not constitute Internal Controls over Financial Reporting (ICFR) which is clearly a requirement for performing a SOC 1 (SSAE 16) review...

Comments  (9)


The Dangers of Second Hand Hard Drives

August 24, 2011 Added by:Emmett Jorgensen

Whether you are planning on selling, recycling or throwing away your old hard drives, you should always consider using one of these solutions: destruction, degaussing, or secure data erasure. Otherwise, there's no telling whose hands your data may end up in...

Comments  (2)


Yale Gets Google Dorked

August 24, 2011 Added by:Kelly Colgan

Knowing where your data is located, what are the access control mechanisms, and having an audit process to verify that resources are properly used, is generally part of every cyber risk program. When one of them fails, a data breach is inevitable...

Comments  (0)


What Identity Theft Protection Is and Is Not

August 24, 2011 Added by:Robert Siciliano

A true identity theft protection service monitors your identity by checking credit reports and scanning the Internet for your personal information. It looks out for your Social Security number, and if something goes wrong, has people who’ll work with you to resolve the problem...

Comments  (2)


Black Hat USA 2011 Presenters - A Live Webcast

August 24, 2011 Added by:Headlines

The organizers of the Black Hat USA 2011 conference which took place earlier this month are inviting those who attended and those who missed the event to join them for a live webcast featuring some of the conference's speakers. The free webcast airs on Thursday, Aug 25, 2011...

Comments  (0)


EC-Council Certified Ethical Hacker v7 Discounts

August 24, 2011 Added by:Infosec Island Admin

Receive up to a 20% discount on the EC-Council Certified Ethical Hacker v7 course. Students will learn how intruders escalate privileges, what steps can be taken to secure a system, Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation...

Comments  (0)


Caveman to Spaceman - Evolutionary Stages of Infosec

August 24, 2011 Added by:Rafal Los

We've given up on the notion of securing things and are starting to focus on the idea that security is a journey, and while we're keeping things safe to a pre-defined level of risk tolerance, we need to minimize the damage when the bad people find their ways in and start to kick down doors...

Comments  (2)

