Latest Posts

Scriptkiddies Claim Fox News Twitter Account Hack

July 05, 2011 Added by: Headlines

"We will be requesting a detailed investigation from Twitter about how this occurred and measures to prevent future unauthorized access into FoxNews.com accounts," said Jeff Misenti, Fox News Digital's vice president and general manager...

Comments  (0)

A Strategy for Combating Cyber Terror

July 05, 2011 Added by: Danny Lieberman

If we consider that cyber terror is not fundamentally different than bombers with suicide belts, we are drawn to consider the amount of damage caused by any terror attack whether on the street or in a database. Reducing the probability of attack means reducing the threat surface...

Comments  (0)

Protecting Our Data

July 04, 2011 Added by: Michael Fisher

Do you provide unmonitored access to your data and IP? What is really at stake here? Can we afford the status quo when it comes to security? Is this a rarity or an everyday occurrence? So many questions, so few answers. Intellectual Property needs to be protected like a newborn baby...

Comments  (8)

Dutch Cyber Security Council Now Operational

July 04, 2011 Added by: Don Eijndhoven

Though it is positive that the Cyber Security Council was made operational so quickly, it is sad that the Dutch government did not provide a course for others to participate. Obviously the first batch of members have been hand-picked - it could hardly be called a democratic process...

Comments  (0)

Spear Phishing Scams Hook Victims

July 04, 2011

2011 has been the year of the data breach. With what seems like a new report of a data breach each day, scams are on the rise. Identity Theft 911 Founder and Chairman Adam Levin talks to ABC about what consumers should do to protect themselves...

Comments  (0)

Server Security in the Cloud

July 03, 2011 Added by: Simon Heron

When your data is “in the cloud” there is the clear and unmistakable risk that you could be sharing resources with not-so-ethical companies who may suddenly end up under investigation. Suddenly, you could lose your server and your website without notice, bringing business to a halt...

Comments  (0)

Shamikh1.info: The New Den of Scum and Villainy

July 02, 2011 Added by: Infosec Island Admin

It's anyone’s guess as to the attack's perpetrators, methods, and final outcome until someone from the Al-Qaeda camp speaks up. Meanwhile, the media will continue to spin on MI6 hacking them or those mysterious British hackers that many articles mentioned. “Bollocks,” as they say in England...

Comments  (0)

How a Major Data Breach is Like Quicksand

July 01, 2011 Added by: Rafal Los

Put yourself in the shoes of a few of the major organizations that have had high-profile data breaches due to compromised applications or web sites lately... the more they struggle and fight, the worse things appear to get. Why is this? Remember that there are no castle walls...

Comments  (1)

The New CompTIA CASP Certification

July 01, 2011 Added by: Michael Gregg

The CompTIA Advanced Security Practitioner (CASP) is an advanced enterprise level cert for those with 10+ years IT experience and at least five years in security. While there are many entry-level certifications, CASP will be the enterprise-level advanced security certification...

Comments  (0)

What the CISSP Won't Teach You Part Deux

June 30, 2011 Added by: Boris Sverdlik

You should use a layered security model. Port Security should be enabled; IDS Response rules should trigger a port shutdown on multiple ARP responses past a certain threshold. Are you seeing yet how attackers think?? The CISSP will not teach you to think outside the box...

Comments  (0)

Understanding Offensive Security

June 30, 2011 Added by: Danny Lieberman

“National security authorities may not even acknowledge that their interests align with a company that has suffered a cyber attack; therefore, companies must think about retaliation..."

Comments  (17)

Compliance and the Failure to Escalate

June 30, 2011 Added by: Thomas Fox

Failure to escalate means issues are not reaching the right people in the company, and the issue becomes more difficult and more expensive. A company needs to have a culture in place to actively encourage elevation. This requires that both a structure and process for that structure must exist...

Comments  (0)

Anonymous Releases "Super Secret Security Handbook"

June 30, 2011 Added by: Headlines

"Always be cautious when tinkering with systems you don't fully understand, as this may lead to undesirable results, detection, and in extreme cases system failure or legal trouble... You the user are ultimately responsible for the security of your own systems...

Comments  (4)

The Game of Whack-A-Mole: Was Al-Shamukh Hacked?

June 30, 2011 Added by: Infosec Island Admin

Who attacked Shamikh and why? There is no evidence cited or even hinted at in the real world that MI6 or MI5 for that matter had anything to do with this. For all they know, it could have been The Jester or someone with like technology that DoS’d them and got them yanked offline by their host...

Comments  (0)

Hacker Attack Disrupts Al-Qaeda Communications

June 30, 2011 Added by: Headlines

“Al-Qaeda's online communications have been temporarily crippled... Hacking attacks by amateur cybervigilantes typically involve one technique, be it DDOS or SQLI. This particular event began as a basic domain hijacking, which does tend to happen every so often..."

Comments  (1)

When a "Phish" is Really Fishy

June 30, 2011 Added by: Christopher Burgess

Phishing is a way of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity. Recently, one slipped through my filters. I've taken the liberty to identify each item within this phish, which seems fishy...

Comments  (0)

PCI SSC Nixes Certification for Mobile Payments Apps

June 30, 2011 Added by: PCI Guru

"Until such time that it has completed a comprehensive examination of the mobile communications device and payment application landscape, the Council will not approve mobile payment applications used by merchants to accept and process payment as validated PA-DSS applications..."

Comments  (0)

Researchers Uncover 4.5 Million Device Super-Botnet

June 30, 2011 Added by: Headlines

“The development of TDSS will continue. Active reworkings of TDL-4 code, rootkits for 64-bit systems, the use of P2P technologies, proprietary anti-virus and much more make the TDSS malicious program one of the most technologically developed and most difficult to analyze..."

Comments  (0)

Important Security Tips for Jihobbyists At Majahden

June 29, 2011 Added by: Infosec Island Admin

Majahden have been learning about how psyops, hacking, disinformation, and being pwn3d works. With the new invigoration in the cyber-jihadi community since Osama Bin Laden's demise, they have taken up the gauntlet not only to hack, but to wage a cyber-propaganda campaign like never before...

Comments  (0)

Engaging a Team for a Security Analysis

June 29, 2011 Added by: Bozidar Spirovski

Being involved in a security project requires a lot of resources: a good measure of knowledge, a huge measure of experience, some amount of software and personnel. Usually time is in short supply, so this is compensated by more computers or more people...

Comments  (1)