Blog Posts Tagged with "Network Security"
On Defending Networks
January 13, 2012 Added by:Gabriel Bassett
If we can secure areas of the world existing in at least 3 domains (land, air, and space) if not four (adding sea), then we should easily be able to train to defend networks existing in a single domain (digital)...
Comments (0)
Effective SIEM: Less Turtle - More Awareness
January 12, 2012 Added by:John Linkous
SIEM tools are highly focused on events. Even in cases where a SIEM can look outside of the world of events at one or two other pieces of data - say, at network traffic - that’s still woefully inadequate. We certainly need events and network traffic data...
Comments (0)
Backtrack 5: Penetration Testing with Social Engineering Toolkit
January 11, 2012 Added by:Dan Dieterle
Why spend days, weeks or even months trying to penetrate layers of network security when you can just trick a user into running a file that allows you full access to their machine and bypasses anti-virus, firewalls and many intrusion detection systems?
Comments (0)
Data Loss Prevention Step 4: Prevent Network Cross-Connect
January 11, 2012 Added by:Rafal Los
Preventing network cross-connect used to be simple as making sure your VPN client wasn't able to perform split-tunneling so malware couldn't bounce to your corporate office. If your corporate office is virtual all that stopped mattering...
Comments (0)
InfraGard Launches SMB 'State of Cyber Security' Study
January 11, 2012 Added by:Headlines
Well-publicized breaches have clearly demonstrated that no business or government agency is immune to attack. It is in the interests of all to harden their systems to prevent damage or unintended release of information that is the lifeblood of their operations...
Comments (0)
Separation of Duties for System Administrators
January 09, 2012 Added by:Rafal Los
How do our organizations treat administrators (more specifically highly privileged users) when they are removed from active duty? It seems that in large organizations the issue is easier to at last draw a line around than in smaller orgs - but the problems remain...
Comments (1)
ICS-CERT: Control System Internet Accessibility Advisory
January 09, 2012 Added by:Headlines
The use of readily available and generally free search tools significantly reduces time and resources required to identify Internet facing control systems. In turn, hackers can use these tools to easily identify exposed control systems, posing an increased risk of attack...
Comments (0)
Initiative to Protect the Electric Grid from Cyber Threats
January 09, 2012 Added by:Headlines
The project, a White House initiative led by the DOE in partnership with the DHS, will leverage private industry and public sector experts to build on existing cybersecurity strategies to create a more comprehensive and consistent approach to protecting the nation’s energy delivery system...
Comments (0)
Smart-Grid Security Will Force New Ways of Thinking
January 06, 2012 Added by:Larry Karisny
The problem is we can no longer look at IPS and IDS solutions of the past when trying to secure the enormous amount of data now in the grid data. The old way of doing this is just too expensive, too complex, too slow and frankly doesn't get the job done...
Comments (0)
Defense Against the Black Arts: How Hackers Do What They Do
January 04, 2012 Added by:Ben Rothke
Defense against the Black Arts is another in the line of hacking overview books that started with the first edition of Hacking Exposed. Like Hacking Exposed, the book walks the reader through the process of how to use hacking tools and how to make sense of their output...
Comments (1)
Was Stratfor Breached By an Insider?
January 03, 2012 Added by:Jeffrey Carr
I'm not accusing Michael Mooney of being involved. I am, however, stating that attacks by insiders who hold a grudge against their employer are common and Mooney's position along with the circumstances around his departure will certainly be explored by law enforcement...
Comments (4)
Financial Sector Remains Vulnerable to Cyber Attacks
January 03, 2012 Added by:Headlines
"Within government, responsibility is fragmented. In America, the Treasury, other financial regulators, the Department of Homeland Security, the Pentagon, the FBI, the National Security Agency and others all have a hand in financial cybersecurity..."
Comments (0)
Analyzing the Poneman Study on Privileged Users
December 29, 2011 Added by:Rafal Los
How much access do those employees and system administrators have to your critical intellectual property, company secrets and other secret information? And how often do they take a peek behind the curtain... you know, just for curiosity?
Comments (0)
The Next Cyber Weapon: Hypothesis on Stuxnet Three
December 28, 2011 Added by:Pierluigi Paganini
These are works in progress and they will be improved with components developed to attack strategic targets. Which are the features that we believe may be present in future versions of these dreaded malware? Asking yourself this question is crucial to guide research...
Comments (0)
Autumn Spring: A Philosophical Look at the Internet
December 28, 2011 Added by:Richard Thieme
Internet pioneers such as J. C. R. Licklider, saw what would happen when we plugged computers into one another: We will live in a human-computer symbiosis, a coupling of symbol-manipulating networks that will be much greater than the sum of its parts...
Comments (0)
The Security Impact of Performance
December 22, 2011 Added by:Rafal Los
DDoS is being used as a tool that has turned poor performing systems into weapons against their implementers. It proves that no matter how big the pipe you have, it's possible to push so much traffic that the odds of handling it properly and staying available are virtually zero...
Comments (2)
- Five Things Your InfoSec Team Should Do in the Next 30 Days
- The Disclosure Debate Continues….. (part 1,453, 769) to be Continued
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)