Blog Posts Tagged with "Monitoring"
September 01, 2011 Added by:Headlines
"The Windows Mobile operating system is clearly sending information that can lead to accurate location information of the mobile device regardless of whether the user allowed it," said Kamkar, who provided the analysis of the tracking methods for Lawyers seeking to establish a class action lawsuit...
August 15, 2011 Added by:Anton Chuvakin
I spent years whining about how use cases and your requirements should be driving your SIEM purchase. And suddenly Anton shows up with a simple Top 10 list. This list was built with some underlying assumptions which I am not at liberty to disclose. Think large, maybe think SOC, think complex environment...
August 11, 2011 Added by:Headlines
The results of a live poll conducted at its annual North American Insights client conference show fraud and cyber crime continue to be among the most daunting issues that banks are facing today. Bankers believe it is a challenge that they will never be able to get under control...
August 03, 2011 Added by:Alexander Rothacker
Modern databases provide powerful built-in auditing capabilities that are often underestimated. There are downsides of native auditing like the ability for a malicious user to manipulate the audit trail. Overall, this feature allows customers to monitor database activity at a very granular level...
August 01, 2011 Added by:Headlines
The data collected includes device MAC addresses and corresponding street addresses, which could be used to identify individual users in what amounts to clandestine tracking of customer movements. In fact, staff at Cnet were able to retrieve very specific device tracking information...
July 31, 2011 Added by:Kurt Aubuchon
You might want to keep an eye on the various pastebin sites for mentions of your organization's domain names, IP addresses, proprietary application names, or other info that could be evidence of problems. Unfortunately, keeping an eye on all the pastebins on the internet is difficult...
July 28, 2011 Added by:Headlines
"We live in a data-driven society and access to sensitive or proprietary data continues to bleed past organizational walls, making it a challenge for IT security teams to protect corporate data. Organizations must be able to proactively identify and mitigate security threats in real time..."
July 09, 2011 Added by:Danny Lieberman
PCI DSS 2.0 does not require outbound, real time or any other kind of data loss monitoring. The phrases “real time” and “data loss” don’t appear in the standard. In an informal conversation with a PCI DSS official in the region, he confessed to not even being familiar with DLP...
June 16, 2011 Added by:Rod MacPherson
Evasion techniques are not attacks on their own, but rather a sneaky way to get whatever attack you want to use past the network monitoring and policing systems to the target host. It's not about the bad-guy asking "How can I hack in?", but "How can I hack in without being seen?"
May 18, 2011 Added by:Anton Chuvakin
Be prepared to keep the old SIEM running - without paying for the support contract, of course - or at least keep the old data backups – this becomes important if complete data migration is impossible due to architecture differences between the new and old SIEMs...
May 13, 2011 Added by:Allan Pratt, MBA
When stores or restaurants offer a loyalty card, in exchange, the customer is asked to provide name, telephone number, email address, snail mail address, and possibly other defining characteristics or shopping preferences. But what happens to my confidential information?
May 02, 2011 Added by:PCI Guru
Epsilon appears to have caught this breach quickly because they were monitoring their network systems. What this incident points out is that even when you are monitoring your environment, it still takes a while to recognize that a breach is in progress...
April 21, 2011 Added by:Headlines
"Anyone who gains access to this single file could likely determine the location of the user's home, the businesses he frequents, the doctors he visits, the schools his children attend, and the trips he has taken over the past months or even a year..."
April 20, 2011 Added by:Headlines
The court of appeals’ decision seriously impedes the government’s use of GPS devices at the beginning of an investigation when officers are gathering evidence to establish probable cause and provides no guidance on the circumstances under which officers must obtain a warrant...
April 08, 2011 Added by:Anton Chuvakin
This page lists a few popular free open-source log management and log analysis tools. The log cheat sheet presents a checklist for reviewing critical system, network and security logs when responding to a security incident. It can also be used for routine periodic log review...
April 06, 2011 Added by:Robb Reck
Next time an information security expert tells you that a system is secure ask him, “What kind of secure?” We know that choices are always made and vulnerabilities always left unmitigated. Knowing which ones to address and which to accept is what makes a security program effective...
Steps Toward Weaponizing the Android Platfor... Freid Jerome on 05-17-2013