Information Security

37d5f81e2277051bc17116221040d51c

One in Three Massachusetts Residents’ Records Breached

February 15, 2012 Added by:Robert Siciliano

Massachusetts has one of the most stringent data protection laws on the books. Companies are now reporting when even a single individual’s information has been compromised. Despite strict security requirements, companies are continually being hacked in record numbers....

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

Nortel: From Bankruptcy to Industrial Espionage Victim

February 15, 2012 Added by:Pierluigi Paganini

The damage is incalculable if we consider the enormous amount of data that may have been lost. Information on technological solutions, business reports, and other sensitive documents were stolen for years, seriously compromising the intellectual property of the company...

Comments  (3)

0a8cae998f9c51e3b3c0ccbaddf521aa

The Dangers of Non-Contextual Pattern Matching

February 15, 2012 Added by:Rafal Los

Even a system inconsistency such as an abnormal page transition velocity on your flagship web application can be overlooked - until you put all those together and realize you're being SQL Injected and someone is stealing your multi-terabyte database out from under you...

Comments  (0)

7ddc1f3000a13e4dfec28074e9e7b658

Researchers Discover Widespread Cryptographic Vulnerabilities

February 15, 2012 Added by:Electronic Frontier Foundation

The consequences of these vulnerabilities are extremely serious. In all cases, a weak key would allow an eavesdropper on the network to learn confidential information, such as passwords or the content of messages, exchanged with a vulnerable server...

Comments  (0)

924ce315203c17e05d9e04b59648a942

In Cyber - Losers Ignore, Survivors React, Winners Predict

February 15, 2012 Added by:Richard Stiennon

Every organization has a choice: become a victim of cyber attack and pay the cost of recovery then rely on quick reactions to changes in the threat space to survive the next attack, or predict the escalation in attacks and invest early in the defenses required...

Comments  (0)

3e35900ae6facc6c146a85c435c71d82

The Fundamentals of Infosec in Theory and Practice

February 14, 2012 Added by:Ben Rothke

Information security is an overwhelming body of knowledge, and for many it can indeed be a far too tremendous body of text to attempt to cover. To that effort this book is an invaluable resource as it covers the key areas without getting bogged down in the minutia...

Comments  (0)

959779642e6e758563e80b5d83150a9f

Build Your Security Portfolio Around Attack Scenarios

February 14, 2012 Added by:Danny Lieberman

In the current environment of rapidly evolving types of attacks - hacktivisim, nation-state attacks, credit card attacks mounted by organized crime, script kiddies, competitors and malicious insiders and more - it is essential that IT and security communicate effectively...

Comments  (1)

F29746c6cb299c1755e4087e6126a816

Your Name and SSN - All a Thief Needs for Tax Fraud

February 14, 2012 Added by:Kelly Colgan

The IRS has seen a significant increase in the number of fraud cases involving identity theft, according to Steven Miller, IRS deputy commissioner for services and enforcement. Addresses don’t mean anything. All a thief needs is your name and Social Security number...

Comments  (1)

7ddc1f3000a13e4dfec28074e9e7b658

What Actually Changed in Google’s Privacy Policy

February 14, 2012 Added by:Electronic Frontier Foundation

Google did a great job of informing users that the privacy policy had been changed through emails and notifications. Unfortunately, while the policy might be easier to understand, Google did a less impressive job of publicly explaining what in the policy had actually been changed...

Comments  (0)

01ceb9281b3fb3dbb90c3efbe327717e

Security Flaw in eBanking Affects Over 100 Million Users

February 14, 2012 Added by:Alan Woodward

CAPTCHAs. You've all had to use them at some point - those funny, distorted versions of a piece of text that only a human can decipher. I was shocked to learn that CAPTCHAs were being used in eBanking and could successfully be attacked nearly 100% of the time....

Comments  (2)

0a8cae998f9c51e3b3c0ccbaddf521aa

Difference Between Spreading Information and Enabling Crime

February 14, 2012 Added by:Rafal Los

Most people don't get prosecuted or charged for distributing or re-tweeting a link to an Anonymous pastebin dump. Where is the line drawn then, and why are some incidents bigger than others? The question ultimately goes to the contents of the cache of information...

Comments  (2)

68b48711426f3b082ab24e5746a66b36

FBI Bitten by Operational Security

February 13, 2012 Added by:Fergal Glynn

Employees forward confidential calendar events and messages to personal calendars and personal email accounts. This may make their jobs easier but it can put their companies at risk. A recent security incident involving the FBI can teach us something about corporate security...

Comments  (0)

Bbb285308604bc5fbb9b43590d0501f6

Security BSides San Francisco: Presentation Schedule

February 13, 2012 Added by:Security BSides

Each BSides is a community-driven framework for building events for and by information security community members. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening. You don’t want to miss it...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

KPN Hack: Why was Customer Notification Delayed?

February 13, 2012 Added by:Pierluigi Paganini

The login credentials were stored in plain text in the repository that had been exposed, and that is absurd. This is a failure of the basic security procedures that should be recognized internationally, and is an offense for which there should be heavy penalties...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Will the Real IT Security Researcher Please Stand Up?

February 12, 2012 Added by:Rafal Los

Most security researchers are comfortable with identifying flaws and racing to be the first to find zero-day vulnerabilities. Is this productive? Isn’t erring human? If that is the case, why is it surprising to find flaws in new software or applications?

Comments  (2)

Fc152e73692bc3c934d248f639d9e963

Encryption Key Management Primer – Requirement 3.5

February 12, 2012 Added by:PCI Guru

The problem with the manual option is that encryption keys are typically needed to boot the secure server or start an application that needs access to encrypted data. The security surrounding the keys becomes problematic as operations personnel need regular access...

Comments  (0)

Page « < 66 - 67 - 68 - 69 - 70 > »