Latest Posts

Secure Your Chance to Win a Copy of 'The Source Code'

May 08, 2011 Added by:Infosec Island Admin

In an age when people are becoming more reliant on computers for both work and personal use, exposure to cyber-hackers and the risk associated with identity theft is escalating at an alarming rate. William A. Thau’s novel seems to be an eerie foreshadowing of recent events...

Comments  (0)

Supporting "Unmaintainable" Applications

May 08, 2011 Added by:Rafal Los

A solid Software Security Assurance program takes into consideration the legacy risks from all the applications that have existed before a security program came into being. The issues that surround legacy applications are complex, and can create headaches for security teams...

Comments  (0)

Smart Phone Privacy and Anonymizing the Nokia N900

May 08, 2011 Added by:Kyle Young

A lot of people are now using and relying on smart phones. Part of what makes these devices so ‘smart’ is their ability to gather information on the user and use this information. The problem with this is that a lot of private information is being gathered...

Comments  (2)

Skype IM (MAC OS X) - Is This The Zero-Day ?

May 08, 2011 Added by:Rohit Bansal

Skype fails to instantiate between the payloads that are sent as hyperlinks in the chat window. The attacker only requires a definitive payload to exploit this issue. Basically, we call it a Skype Remote Scripting Injection...

Comments  (0)

Compliance: Know Who You Are Doing Business With

May 06, 2011 Added by:Thomas Fox

Both risk and compliance are converging. Your company should review its compliance program in these three areas to determine if any of its business relationships are on the lists set out in this article. Not only does it make business sense, but it may keep you out of regulatory scrutiny...

Comments  (0)

Chinese Hackers Are Hungry for Information

May 06, 2011 Added by:Rahul Neel Mani

Stuart McClure, Senior Vice President at McAfee, co-authored his best-selling book Hacking Exposed: Network Security Secrets & Solutions 12 years ago. In an interview with Varun Aggarwal, he talks about how things have changed since then as he launched the new edition of his book...

Comments  (0)

Hackers Planning Third Attack on Sony Networks

May 06, 2011 Added by:Headlines

A third attack is planned against Sony's Web site. The people involved plan to publicize all or some of the information, which could include customer names, credit card numbers, and addresses, according to the source. The hackers claim they currently have access to some of Sony's servers...

Comments  (0)

Is Too Much Focus Put on the Application Layer?

May 06, 2011 Added by:Keith Mendoza

Information system security is really nothing new, it's just that no one has paid attention to it until recently; and the focus seems to mostly be on securing the application. My question is: who will make sure that the attack vector will not come from the hardware layer?

Comments  (4)

Terrorism and New Media: The Post Al Qaeda Generation

May 06, 2011 Added by:Ben Rothke

The Internet has revolutionized how we socialize and do business, speeding commerce, facilitating knowledge sharing, and creating networks that could not have existed a decade ago. Unfortunately, terrorists reap the same benefits...

Comments  (0)

Osama Bin Laden's Computer Files and Data Encryption

May 06, 2011 Added by:Headlines

"Correctly implemented encryption is very difficult to break. If data is encrypted correctly using good, best practices, I'm not aware of the ability to break that encryption. If correctly implemented and done by someone who understands how to do it, it's a huge, huge challenge..."

Comments  (0)

Nine Deadly Cyberwarfare Sins

May 05, 2011 Added by:J. Oquendo

In a conventional war, superpowers still have deterrents: nuclear weapons, financial fallout and so on. In a cyberwar, there is nothing more than imagined deterrents because as an attacker, anonymity will reign supreme. Deterrents do not apply on the cyber battlefield...

Comments  (0)

How LastPass Protected Passwords and What Changed

May 05, 2011 Added by:Eric Irvin

New passwords will now be hashed using PBKDF2 with SHA-256 hashing, a 256-bit salt, and 100,000 rounds of pseudo-randomization and salting. In comparison, BlackBerry uses 1 round and the Apple iOS4 uses 10,000 rounds. With this implementation, password cracking becomes extremely difficult...

Comments  (0)

Data Security Explained in Simple Terms

May 05, 2011 Added by:Gurudatt Shenoy

The argument that devices can be stolen and thus cannot be fail-proof against data theft can be certainly countered by the fact that such devices can be detected quite early and rendered unusable, as compared to stolen passwords that are most often detected only once the damage is done...

Comments  (2)

McAfee’s Most Unwanted Identity Theft Criminals

May 05, 2011 Added by:Robert Siciliano

McAfee has created a tongue-in-cheek list of the most unwanted identity thieves, describing the various techniques thieves use to steal your information. It’s clever and, unfortunately, very real...

Comments  (0)

Do You Really Know What’s on Your Network?

May 05, 2011 Added by:Global Knowledge

A simple Android app called Caribou is able to open doors with a simple push of a button once the IP address of the server is identified. When you think of the number of access card systems installed in HOAs and businesses across the nation, the enormity of the risk becomes easily apparent...

Comments  (0)

LastPass Password Manager Issues Security Alert

May 05, 2011 Added by:Headlines

To counter the potential threat, LastPass is going to force everyone to change their master passwords. Additionally, they're going to want an indication that you're you, by either ensuring that you're coming from an IP block you've used before or by validating your email address...

Comments  (1)

How to Recognize and Analyze a Fake Anti-Virus Message

May 05, 2011 Added by:Dan Dieterle

Trying to figure out how I was redirected to this fake AV site from clicking on a Google image, I found something interesting. Hovering over the picture, I noticed that the website that showed up under the image looked legit, but the image URL pointed to a completely different website...

Comments  (1)

Sony Tells Congress Anonymous DDoS Aided Breach

May 05, 2011 Added by:Headlines

Initially, Sony representatives did not seek to connect the hacktivist group with the data breach event. That has changed now that forensic investigators have located a file on the hacked PSN systems named "Anonymous" and containing the movement's tagline "We are Legion"...

Comments  (0)

Architecting Secure Information Systems

May 04, 2011 Added by:Robb Reck

Creating secure systems from the ground up requires different skills than buying and bolting on technologies to implement security after the fact. You have the chance to build this new system with a strong foundation. Do not miss your chance to show how security should be addressed...

Comments  (0)

Information Security Policies and Procedures Part 3

May 04, 2011 Added by:Alex Hamerstone

Search engines place a vast body of human knowledge at your fingertips. This vast knowledge often includes the intellectual property of others. Finding policies on the internet and using control H to place your organization’s name in place of another is not only wrong, it is also ineffective...

Comments  (0)