February 06, 2012 Added by:Pierluigi Paganini
We must consider that compromised satellites are a serious risk, that the exposure could affect communications in the business and military sectors, and could also cause the loss of sensitive and strategic technological information...
February 06, 2012 Added by:Robert Siciliano
Pretty Good Privacy (PGP) “is a data encryption and decryption computer program that provides cryptographic privacy and authentication for data communication. PGP is often used for signing, encrypting and decrypting texts, E-mails, files, directories and whole disk partitions..."
February 05, 2012 Added by:Infosec Island Admin
Over the last year we have seen an evolution within Anonymous and its various movements. The latest being the AntiSec movement, the more cohesive core of Anonymous, one that has a set group of leaders at its center, leaders with an agenda... Anarchy....
February 05, 2012 Added by:John Linkous
We have entered a new era of cybersecurity, one where the objective is not to protect against a breach - the majority of large organizations are no longer able to - instead we need to be able to detect them and mitigate the damage done by them...
February 05, 2012 Added by:Norman Marks
When is the last time you saw an audit report that said management had too many controls or was not taking sufficient risk? When did you last hear a risk officer urging planners to move into a new market more quickly? The same thing applies to information security personnel...
February 03, 2012 Added by:Danny Lieberman
Truly – the essence of security is protecting the people who use a company’s products and services. What utility is there in running 24×7 systems that leak 4 million credit cards or developing embedded medical devices that may kill patients?
February 03, 2012 Added by:Brian Dean
Consumers are desensitized to breaches, as evidenced by the meager rate of consumers applying for free credit monitoring services after a company breach. If you analyze the data that was breached, sometimes you have to ask, “Why are they even collecting all of that data?”
February 03, 2012 Added by:Pierluigi Paganini
The impairment of these mechanisms could lead to the redirection of traffic to bogus sites with serious consequences - and not just that - the compromise of the Digital Certificate model itself raises the risk for the interception of emails and confidential documents...
February 03, 2012 Added by:Brent Huston
If you find those strings, they usually indicate other PHP scanners, worms or attack tools have compromised the system. Now, if you don’t find those, it does NOT mean the system is safe, the list of all of those relevant strings would be too large and dynamic to manage...
February 02, 2012 Added by:Bozidar Spirovski
We are not abandoning the Mac - it is a great tool and an asset in our little lab. But in the current state of things, it takes a lot of effort and compromise to fully migrate to a Mac platform, especially since a multi-environment knowledge is required...
February 02, 2012 Added by:Allan Pratt, MBA
The dramatic shift away from protecting confidential data is due to “the Facebook era.” While we’ve all met new friends and reconnected with family members, the reality is that thieves are out there devising innovative ways to steal our identities and confidential data...
February 02, 2012 Added by:Danny Lieberman
DR planning is not about writing a procedure, getting people to sign up and then filing it away somewhere. The disaster recovery plan is designed to assist companies in responding quickly and effectively to a disaster in a local office and restore business as quickly as possible...
February 02, 2012 Added by:Simon Heron
There is a great deal that can be gleaned from customer systems. When statistics from many different organizations, of different sizes, from different industries, in different countries are analyzed, they provide a useful insight into the true nature of security threats...
February 02, 2012 Added by:Infosec Island Admin
NETpeas is sponsoring Infosec Island's presence at the Black Hat Europe conference in Amsterdam. The Island's Javvad Malik will be on site conducting video interviews and interjecting his trademark brand of humor while exploring cutting edge infosec trends and developments...
February 01, 2012 Added by:Dave Shackleford
We’re pretty good at if-then analysis for controls in security. Let’s turn it around though and start thinking if-then in the negative sense. Prevention tools and processes need to fail gracefully and lead us into detection and response mode...
February 01, 2012 Added by:Dan Dieterle
A vulnerability scanner is a tool that can automatically scan your network and the systems connected to it, examining each one for vulnerabilities that could be exploited. Malicious users frequently use scanners to hunt for ways to compromise your systems...
Is User Experience Part of Your Security Pla... Allan Pratt, MBA on 04-17-2014
On Secure and Agile Collaboration... Kylie Wilson on 04-17-2014
Achieving Code Compliance in an Agile Enviro... Kylie Wilson on 04-17-2014