Blog Posts Tagged with "Monitoring"
Microsoft's Addiction to Collecting Tracking Data
September 01, 2011 Added by:Headlines
"The Windows Mobile operating system is clearly sending information that can lead to accurate location information of the mobile device regardless of whether the user allowed it," said Kamkar, who provided the analysis of the tracking methods for Lawyers seeking to establish a class action lawsuit...
Comments (0)
Top Ten Criteria for an SIEM
August 15, 2011 Added by:Anton Chuvakin
I spent years whining about how use cases and your requirements should be driving your SIEM purchase. And suddenly Anton shows up with a simple Top 10 list. This list was built with some underlying assumptions which I am not at liberty to disclose. Think large, maybe think SOC, think complex environment...
Comments (0)
Majority of Bankers Say Cyber Crime is Uncontrollable
August 11, 2011 Added by:Headlines
The results of a live poll conducted at its annual North American Insights client conference show fraud and cyber crime continue to be among the most daunting issues that banks are facing today. Bankers believe it is a challenge that they will never be able to get under control...
Comments (0)
Native Auditing In Modern Relational Database Management
August 03, 2011 Added by:Alexander Rothacker
Modern databases provide powerful built-in auditing capabilities that are often underestimated. There are downsides of native auditing like the ability for a malicious user to manipulate the audit trail. Overall, this feature allows customers to monitor database activity at a very granular level...
Comments (3)
Microsoft Database Tracks Laptops and Smart Phones
August 01, 2011 Added by:Headlines
The data collected includes device MAC addresses and corresponding street addresses, which could be used to identify individual users in what amounts to clandestine tracking of customer movements. In fact, staff at Cnet were able to retrieve very specific device tracking information...
Comments (0)
Pastebin Security Risks: Monitoring with Rollyo Searchrolls
July 31, 2011 Added by:Kurt Aubuchon
You might want to keep an eye on the various pastebin sites for mentions of your organization's domain names, IP addresses, proprietary application names, or other info that could be evidence of problems. Unfortunately, keeping an eye on all the pastebins on the internet is difficult...
Comments (1)
Data Thefts Surge Despite Increased Budgets
July 28, 2011 Added by:Headlines
"We live in a data-driven society and access to sensitive or proprietary data continues to bleed past organizational walls, making it a challenge for IT security teams to protect corporate data. Organizations must be able to proactively identify and mitigate security threats in real time..."
Comments (0)
Using DLP to Prevent Credit Card Breaches
July 09, 2011 Added by:Danny Lieberman
PCI DSS 2.0 does not require outbound, real time or any other kind of data loss monitoring. The phrases “real time” and “data loss” don’t appear in the standard. In an informal conversation with a PCI DSS official in the region, he confessed to not even being familiar with DLP...
Comments (0)
Advanced Evasion Techniques
June 16, 2011 Added by:Rod MacPherson
Evasion techniques are not attacks on their own, but rather a sneaky way to get whatever attack you want to use past the network monitoring and policing systems to the target host. It's not about the bad-guy asking "How can I hack in?", but "How can I hack in without being seen?"
Comments (0)
How to Replace an Enterprise SIEM
May 18, 2011 Added by:Anton Chuvakin
Be prepared to keep the old SIEM running - without paying for the support contract, of course - or at least keep the old data backups – this becomes important if complete data migration is impossible due to architecture differences between the new and old SIEMs...
Comments (0)
Loyalty Cards vs. Privacy Concerns
May 13, 2011 Added by:Allan Pratt, MBA
When stores or restaurants offer a loyalty card, in exchange, the customer is asked to provide name, telephone number, email address, snail mail address, and possibly other defining characteristics or shopping preferences. But what happens to my confidential information?
Comments (0)
What Can We Learn From The Epsilon Breach?
May 02, 2011 Added by:PCI Guru
Epsilon appears to have caught this breach quickly because they were monitoring their network systems. What this incident points out is that even when you are monitoring your environment, it still takes a while to recognize that a breach is in progress...
Comments (0)
Hidden iOS File Records Tracking Information
April 21, 2011 Added by:Headlines
"Anyone who gains access to this single file could likely determine the location of the user's home, the businesses he frequents, the doctors he visits, the schools his children attend, and the trips he has taken over the past months or even a year..."
Comments (2)
Feds Want Supreme Court to Allow Warrantless GPS Tracking
April 20, 2011 Added by:Headlines
The court of appeals’ decision seriously impedes the government’s use of GPS devices at the beginning of an investigation when officers are gathering evidence to establish probable cause and provides no guidance on the circumstances under which officers must obtain a warrant...
Comments (0)
Open Source Log Management Tools List
April 08, 2011 Added by:Anton Chuvakin
This page lists a few popular free open-source log management and log analysis tools. The log cheat sheet presents a checklist for reviewing critical system, network and security logs when responding to a security incident. It can also be used for routine periodic log review...
Comments (0)
When Security Requirements Conflict
April 06, 2011 Added by:Robb Reck
Next time an information security expert tells you that a system is secure ask him, “What kind of secure?” We know that choices are always made and vulnerabilities always left unmitigated. Knowing which ones to address and which to accept is what makes a security program effective...
Comments (0)
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)
- Complimentary IT Security Resources [May 13, 2013]
- Steps Toward Weaponizing the Android Platform
- Mobile Security Processes Could Be Applied to Medical Devices: Bluebox
- The Emperor Is Naked!
- Infographic: Keeping Web Applications Safe
- Do You Have a Vendor Security Check List? You Should!