Information Security


DDoS Attacks: An Excuse to Talk About IPv6 Security

February 10, 2012 Added by:Pierluigi Paganini

The switchover from the existing address protocol IPv4 to IPv6 will give attackers a great opportunity. With the introduction of the protocol a huge quantity of new internet addresses is available, and those addresses could be used as sources for DDoS attacks...

Comments  (0)


Did the 2006 Symantec Breach Expose RSA's SecurID?

February 10, 2012 Added by:Kevin McAleavey

The Symantec leak could pose a risk to RSA's SecurID. Examination of the source code for PCAnywhere turned up something disturbing - numerous header files and several libraries belonging to RSA, and SecurID code is part of the exposed PCAnywhere product source code...

Comments  (23)


Some "LightReading" about Mobile Application Security

February 10, 2012 Added by:Security Ninja

Developers, project managers and executive officers need to be able to evaluate the risk that they are exposing their customers and their businesses to. They need to know how to measure the security posture of their apps and to make decisions on what changes to make...

Comments  (0)


Straight Talk about Compliance from a Security Viewpoint

February 09, 2012 Added by:Rafal Los

Odds are, you can usually close out multiple compliance requirements across multiple requirements regulations by doing something singular in a security program. Performing software security audits during various phases of your SDLC solves many compliance requirements...

Comments  (0)


GFI WebMonitor Internet and Web Security Review

February 09, 2012 Added by:Dan Dieterle

Looking for a program that monitors internet use, allows granular control over sites and services they can access, coupled with comprehensive web security and threat detection that includes scanning with three Anti-Virus engines? Look no further...

Comments  (0)


Does Offensive Security Really Exist?

February 09, 2012 Added by:Dave Shackleford

I want to refute the concept of offensive vs. defensive security staff. It's not realistic. Reason? Offense really exists for one reason – to inform defense. In my mind, this really means we’re ALL defense. We just accomplish our defensive strategy and tactics in different ways...

Comments  (0)


Cyber Preparedness: Paper Tigers... Aren’t We All?

February 09, 2012 Added by:Infosec Island Admin

China, Russia, Israel etc etc are all key players in the espionage world which now includes the 5th battlespace of information warfare carried out on the internet and within computer networks. To think anything else because someone asked them just how prepared “they” were for “cyberwar” is just appallingly stupid...

Comments  (0)


Starting to Clean Up the Mess from PCAnywhere

February 09, 2012 Added by:Damion Waltermeyer

I realized not everyone was even sure how to go about starting to clean up from the PCAnywhere exploit. To start, I am going to share with you my method for finding machines that are potentially open to this exploit...

Comments  (3)


User Assisted Compromise (UAC)

February 09, 2012 Added by:Rob Fuller

You have to wait for the user to use UAC (this does not work if someone else does, it's only for the current user HKCU). But, as a side benefit, it's a very real form of sneaky persistence as well, as it will execute our evil binary every single time they use UAC...

Comments  (0)


Encryption: On Hashing Basics

February 08, 2012 Added by:PCI Guru

Never store the obscured value along with the truncated value. Always separate the two values and also implement security on the obscured value so that people cannot readily get the obscured value and the truncated value together without oversight and management approval...

Comments  (0)


Defending the Enterprise - Five Corporate Security Challenges

February 08, 2012 Added by:Rafal Los

You have to keep close tabs on your employees, your friends, your enemies and those you would never suspect, because threats are ever-present and overwhelming. Keep a level-head, because the evolution of threat doesn't mean it's any more scary today than yesterday...

Comments  (0)


Top Ten Java Frameworks Observed in Customer Applications

February 08, 2012 Added by:Fergal Glynn

One of the things we record when scanning applications is the presence of frameworks and other supporting technologies, and we’ve been at work mining that data to understand what developers use to build their applications. We’d like to share some of that research with you today...

Comments  (0)


Cyber Defense Weekly: Hacks, Breaches, and Disclosures

February 08, 2012 Added by:Cyber Defense Weekly

"Us law firms have been penetrated both here and abroad. Firms with offices in China and Russia are particularly vulnerable, because the foreign security services are likely to own the people who handle the the firms' physical and electronic security..."

Comments  (0)


Insecurity by Way of Compliance

February 08, 2012 Added by:Danny Lieberman

The US leads in data security breaches while the EU leads in data security. The EU has strong, uniform data security regulation, whereas the US has a quilt-work of hundreds of security directives where each agency has it’s own system for data security compliance...

Comments  (2)


Seventy-Five Million Unique Malware Samples in 2012

February 08, 2012 Added by:Robert Siciliano

Imagine your body being targeted by 75 million viruses. That is exactly what’s happening to your digital devices. Laptops, desktops, netbooks, notebooks, Macs, iPads, iPhones, BlackBerrys, Androids, and Symbian mobile phones are all being targeted...

Comments  (0)


Security BSides San Francisco: Speakers and Topics Lineup

February 08, 2012 Added by:Security BSides

The goal of Security BSides is to expand the spectrum of conversation beyond the traditional confines of space and time. The conferences create opportunities for individuals to both present and participate in an intimate atmosphere that encourages collaboration...

Comments  (0)

Page « < 68 - 69 - 70 - 71 - 72 > »