Information Security
BackTrack 5 Wireless Penetration Testing Beginner’s Guide
October 22, 2011 Added by:Dan Dieterle
This includes everything from bypassing authentication & cracking encryption, to advanced techniques like man-in-the-middle attacks and attacking WPA-Enterprise, with discussions Wireless penetration methodology, testing and reporting...
Comments (3)
Confusing Inconvenience for Enterprise Security
October 21, 2011 Added by:Rafal Los
When a problem that has been ignored for years suddenly causes immense pain, the result is an often a rash reaction that is grounded in fear and 'the need to do something' rather than a sane approach to securing assets, leading mostly to inconvenience and not better security....
Comments (0)
Webinar: How to Minimize the Risks of a Data Breach
October 21, 2011 Added by:Kanguru Solutions
Kanguru Solutions has teamed up with Cyber Data Risk Managers LLC to host a FREE webinar on cyber security and infosec entitled “How to Minimize the Risks of a Data Breach/Cyber Attack.” This free webinar will discuss data security, privacy and measures to take in the event of a data breach...
Comments (0)
Want the Source Code to Stuxnet? Come and Get It
October 20, 2011 Added by:Joel Langill
Though this does not reflect true "source code", it does provide high-level language which can be re-compiled for another purpose. I reviewed much of the code, and though it did not contain 100% of the Stuxnet functionality, it did contain a large portion of the working malware...
Comments (0)
Multi-Function Printers and Security Beyond Compliance
October 20, 2011 Added by:David Sopata
Compliance in many cases is one of the biggest drivers for security. Compliance may not exactly require you to secure your Multi-Function printers or other devices, but since most organization generally want to do the right thing, it may be required to go beyond compliance...
Comments (1)
Infosec Island's Position on Plagiarism
October 20, 2011 Added by:Infosec Island Admin
Occasionally it comes to our attention that material submitted for publication by a member may contain instances of unattributed content. Infosec Island's policy is to immediately remove the offending content to preserve the original author's copyright...
Comments (2)
Operation DarkNet: A Good Start, But There is More to Do
October 20, 2011 Added by:Scot Terban
Due to the nature of the site and its being in the hidden wiki (DarkNet) it is tough to know exactly where the systems sit that house/host the content, but, it seems that through certain techniques using TTL, they pretty much have a good idea of where the server may sit in the continental US.
Comments (5)
Ten Early Warning Signs of Fraud in the Enterprise
October 20, 2011 Added by:Headlines
“My first question is always to ask executives ‘do you really know how safe your own organization is?’ Some do reply confidently. Most do not. Fraud can happen anywhere, anytime, but it is relatively straightforward to deter or discover at an early stage with the right systems..."
Comments (0)
Cyber Crime Explodes - But Few Take Action
October 20, 2011 Added by:Joel Harding
An attention grabbing report recently by Norton reveals that cybercrime nets more than marijuana, heroin and cocaine combined. Even worse, over 1 million people per day are victimized by online crime. In spite of this, 41% of us do not have adequate up to date virus or malware protection...
Comments (0)
Browser-Based Malware: Decoding a PHP Backdoor
October 20, 2011 Added by:john melvin
This article is not an analysis of the backdoor, but instead describes the methodology and techniques used to decipher malicious code embedded and encoded in a seemingly normal web page. The following is a snippet of the PHP code that caught my attention and began my investigation...
Comments (1)
W32.Duqu - Harbinger of the Next Stuxnet?
October 19, 2011 Added by:Ron Baklarz
The new malcode has so much in common with Stuxnet, it is purported to have been written by the authors. W32.Duqu's primary purpose is intelligence gathering by focusing on industrial control system manufacturers with likely intent on future attacks against targeted victims...
Comments (1)
The Son of Stuxnet? Methinks the Cart be Before Ye Horse
October 19, 2011 Added by:Scot Terban
And therein lies the rub. DUQU has a 36 day shelf life. Now, this is good from a foot-printing level AND could be excellent for setting up the next attack vector that could include the component of sustained access. It was a recon mission and that was all...
Comments (0)
Son of Stuxnet - A Not so Melodrama?
October 19, 2011 Added by:Kevin McAleavey
Speculation about Duqu is that it's a precursor to another attack against embedded systems, and has been gathering information already about industrial systems, particularly engineering data and other design information...
Comments (3)
Mobile and Wireless Security: TakeDownCon Las Vegas
October 19, 2011 Added by:Infosec Island Admin
Due to the rapid escalation of threats affecting wireless operations, TakeDownCon Las Vegas now brings you a highly technical platform which addresses highly technical knowledge which focuses on securing your channels, your data, and ultimately and most importantly – your very own privacy...
Comments (0)
A High Level Methodology to Show Due Diligence
October 18, 2011 Added by:David Sopata
Acquisitions, mergers, and new services may introduce new regulations within an organization. If they are not properly maintained they can fluctuate from compliant to non compliant within any given day. So the question is: Does your organization show due care and due diligence?
Comments (0)
Think You’re Protected? Think Again...
October 18, 2011 Added by:Robert Siciliano
Now as companies leverage the power of the web, information security has evolved yet again: We are in the application security era. And as big companies get better at locking down their software and protecting their data, criminals are targeting the little guy...
Comments (0)
- Brand Damage Through Information Access
- Identity & Access Management: Give Me a REST
- Over-Sharing Riskier than Government Snooping
- 20 Critical Security Controls: Control 13 – Boundary Defense
- Redefining Social Networking
- Creating Your Own Privacy & ROI
- Security Intelligence for the Enterprise - Part 1
- Why are Cybercrimes NOT Always White-collar Crimes?
- From the SMB to Security Guru: Five Ways IT Pros Can Manage Security on a Budget
- Balancing Act Between Privacy and Security