Latest Posts

The EMV-Contactless World According to Visa

October 11, 2011 Added by: PCI Guru

If Visa were to work with the industry to produce a common API for EMV and contactless cards with PIN online, that would drive adoption of more secure cards in the US because there would be a business reason for adoption. Without such a driver, they are still a solution looking for a problem...

Comments  (8)

Navy Developing Cyber Battle Lab in Florida

October 11, 2011 Added by: Headlines

"The next war could be one where not a single bomb is dropped. Why would they if another country could take down our financial system, or shut down commercial aviation for two weeks? The scary part is there are folks who spend all day trying to do just that..."

Comments  (1)

Public/Private Collaboration to Fight Botnet Plague

October 11, 2011 Added by: Headlines

Botnets have increasingly put computer owners at risk. Researchers estimate that about 4 million new botnet infections occur each month. When a computer is infected by a botnet, personal information and communications can be monitored and Internet access can be exploited...

Comments  (0)

Network Security and Mandatory Disclosure

October 10, 2011 Added by: Craig S Wright

Security disclosures can have an impact on a company’s share price. Some organisations actually have no economic impact from a breach. For others, the effect is catastrophic. But, security through obscurity is simply false security and leaves us vulnerable with no way to measure the true risk...

Comments  (2)

Activation Procedures for Business Continuity Plans

October 10, 2011 Added by: Dejan Kosutic

Having a business continuity plan is nice, but if you don't know when and how to start using it, the money you've invested in it was spent in vain. Even worse, you'll likely lose quite a lot of money because your business operations will be disrupted...

Comments  (0)

Utilizing the Corporate Secretary in Compliance Efforts

October 10, 2011 Added by: Thomas Fox

The Corporate Secretary sits at the intersection of the company where they can change the marketplace, and has to be informed about sustainability ethics and provide updates to the board, including CEOs, which provides an opportunity to shape an ethics and compliance program...

Comments  (0)

Over 100 Arrested in Credit Card Fraud Operation

October 10, 2011 Added by: Headlines

"This is by far the largest... identity theft/credit card fraud cases that law enforcement has come across. Credit card fraud and identity theft are two of the fastest growing crimes in the United States, afflicting millions of victims and costing billions..."

Comments  (0)

Consumers: Just Looking for a Digital McDonalds

October 10, 2011 Added by: Javvad Malik

Unlike the comparatively simple topic of world politics, information security is not just the responsibility of the government or companies. Users need to be educated so that they are best equipped to protect their own data and to allow them to put pressure on companies who don’t protect data...

Comments  (0)

Taking on Mobile and Wireless Security at TakeDownCon

October 10, 2011 Added by: Infosec Island Admin

TakeDownCon has raised the bar and set the standards of what a true technical IT security conference is supposed to be. It aspires to be the ideal platform for information security professionals to congregate to learn, network and share their knowledge...

Comments  (0)

US Drone Fleet Infected with Computer Virus

October 10, 2011 Added by: Ron Baklarz

We will probably never know how the infections occurred. Were vendor support connections the cause? Was an infected thumb drive or disk the culprit? At any rate, these types of incidents underscore the enemy's desire to exploit cyber-security to their advantage...

Comments  (0)

Citigroup Faces Class-Action Lawsuit for May Breach

October 10, 2011 Added by: Headlines

“Defendants have taken no steps that adequately or effectively protect cardholders against illegal use of the cardholders’ sensitive and extensive financial records since the breach,” the suit states. Officials estimate that $2.7 million was stolen from 3,400 accounts in the attack...

Comments  (0)

BitDefender Internet Security Suite Review

October 10, 2011 Added by: Dan Dieterle

Let’s be honest with each other, what are the biggest problems with securing PC’s? Having an anti-virus and firewall alone will not completely protect you. You have to have your Windows patches installed, applications need to be kept up to date and you have to use secure passwords...

Comments  (1)

NSA Conference Focused on Trusted Computing

October 10, 2011 Added by: Headlines

"Generally speaking, trusted computing technologies ensure that hardware and software behave as designed. These solutions prevent malicious computer attacks by combining commercially available, off-the-shelf IT tools. The bad guys are forced to break a sweat, and they still lose..."

Comments  (0)

Scanning Applications Faster - A Chicken vs. Egg Problem

October 09, 2011 Added by: Rafal Los

We need to shift the security culture from "find bugs" to "fix bugs" or else we're in deep, deep trouble. Don't get me wrong, once the software industry has figured out how to write secure software by design, then we can worry about demanding bigger, better, faster scanning automation...

Comments  (0)

SOC 2 for Cloud Computing

October 09, 2011 Added by: Chris Schellman, CPA, CISSP, PCI QSA

SOC 2 reports allow cloud providers to communicate information about their services and the suitability of the design and operating effectiveness of their controls to prospective and existing customers in a well-known format that is nearly identical to an SSAE 16 report...

Comments  (2)

Abusing Windows Virtual Wireless NIC Feature

October 09, 2011 Added by: Kyle Young

If the victim computers are part of a Windows domain and have wireless NICs, by automating Metasploit with a pass-the-hash attack and using my script, one could essentially automate deploying a series of rogue ap points throughout a domain. This would be kind of like a network worm...

Comments  (1)

The Lexicon Wars and Impediments to Cybersecurity

October 08, 2011 Added by: Joel Harding

What is cyberwar? Someone claimed that denying, degrading or destroying data on a network would be cyberwar. I admit, that would be bad, but by no stretch of the imagination would one single incident be considered a cyberwar. Of course, it honestly would depend on the targeted network...

Comments  (7)

Security Risk Management

October 07, 2011 Added by: Tony Campbell

The author explores the risk management lifecycle, describes methodologies for qualifying and quantifying risk and levels of risk, and provides examples of how these can best be described and/or presented at a senior management level...

Comments  (0)

Study Shows Banks Blocking More Fraud

October 07, 2011 Added by: Robert Siciliano

The FS-ISAC consists of a group of banks that shares threat information and interacts with the federal government on critical infrastructure issues. Its members include Citi, Prudential, Bank of America, JPMorgan Chase, Goldman Sachs and Wells Fargo, among others...

Comments  (0)

Don't Miss the Security BSides Kansas City Event

October 07, 2011 Added by: Security BSides

Each BSides is a community-driven framework for building events for and by information security community members. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening. You don’t want to miss it...

Comments  (0)