Latest Posts


The EMV-Contactless World According to Visa

October 11, 2011 Added by: PCI Guru

If Visa were to work with the industry to produce a common API for EMV and contactless cards with PIN online, that would drive adoption of more secure cards in the US because there would be a business reason for adoption. Without such a driver, they are still a solution looking for a problem...

Comments  (8)


Navy Developing Cyber Battle Lab in Florida

October 11, 2011 Added by: Headlines

"The next war could be one where not a single bomb is dropped. Why would they if another country could take down our financial system, or shut down commercial aviation for two weeks? The scary part is there are folks who spend all day trying to do just that..."

Comments  (1)


Public/Private Collaboration to Fight Botnet Plague

October 11, 2011 Added by: Headlines

Botnets have increasingly put computer owners at risk. Researchers estimate that about 4 million new botnet infections occur each month. When a computer is infected by a botnet, personal information and communications can be monitored and Internet access can be exploited...

Comments  (0)


Network Security and Mandatory Disclosure

October 10, 2011 Added by: Craig S Wright

Security disclosures can have an impact on a company’s share price. Some organisations actually have no economic impact from a breach. For others, the effect is catastrophic. But, security through obscurity is simply false security and leaves us vulnerable with no way to measure the true risk...

Comments  (2)


Activation Procedures for Business Continuity Plans

October 10, 2011 Added by: Dejan Kosutic

Having a business continuity plan is nice, but if you don't know when and how to start using it, the money you've invested in it was spent in vain. Even worse, you'll likely lose quite a lot of money because your business operations will be disrupted...

Comments  (0)


Utilizing the Corporate Secretary in Compliance Efforts

October 10, 2011 Added by: Thomas Fox

The Corporate Secretary sits at the intersection of the company where they can change the marketplace, and has to be informed about sustainability ethics and provide updates to the board, including CEOs, which provides an opportunity to shape an ethics and compliance program...

Comments  (0)


Over 100 Arrested in Credit Card Fraud Operation

October 10, 2011 Added by: Headlines

"This is by far the largest... identity theft/credit card fraud cases that law enforcement has come across. Credit card fraud and identity theft are two of the fastest growing crimes in the United States, afflicting millions of victims and costing billions..."

Comments  (0)


Consumers: Just Looking for a Digital McDonalds

October 10, 2011 Added by: Javvad Malik

Unlike the comparatively simple topic of world politics, information security is not just the responsibility of the government or companies. Users need to be educated so that they are best equipped to protect their own data and to allow them to put pressure on companies who don’t protect data...

Comments  (0)


Taking on Mobile and Wireless Security at TakeDownCon

October 10, 2011 Added by: Infosec Island Admin

TakeDownCon has raised the bar and set the standards of what a true technical IT security conference is supposed to be. It aspires to be the ideal platform for information security professionals to congregate to learn, network and share their knowledge...

Comments  (0)


US Drone Fleet Infected with Computer Virus

October 10, 2011 Added by: Ron Baklarz

We will probably never know how the infections occurred. Were vendor support connections the cause? Was an infected thumb drive or disk the culprit? At any rate, these types of incidents underscore the enemy's desire to exploit cyber-security to their advantage...

Comments  (0)


Citigroup Faces Class-Action Lawsuit for May Breach

October 10, 2011 Added by: Headlines

“Defendants have taken no steps that adequately or effectively protect cardholders against illegal use of the cardholders’ sensitive and extensive financial records since the breach,” the suit states. Officials estimate that $2.7 million was stolen from 3,400 accounts in the attack...

Comments  (0)


BitDefender Internet Security Suite Review

October 10, 2011 Added by: Dan Dieterle

Let’s be honest with each other, what are the biggest problems with securing PCs? Having an anti-virus and firewall alone will not completely protect you. You have to have your Windows patches installed, applications need to be kept up to date and you have to use secure passwords...

Comments  (1)


NSA Conference Focused on Trusted Computing

October 10, 2011 Added by: Headlines

"Generally speaking, trusted computing technologies ensure that hardware and software behave as designed. These solutions prevent malicious computer attacks by combining commercially available, off-the-shelf IT tools. The bad guys are forced to break a sweat, and they still lose..."

Comments  (0)


Scanning Applications Faster - A Chicken vs. Egg Problem

October 09, 2011 Added by: Rafal Los

We need to shift the security culture from "find bugs" to "fix bugs" or else we're in deep, deep trouble. Don't get me wrong, once the software industry has figured out how to write secure software by design, then we can worry about demanding bigger, better, faster scanning automation...

Comments  (0)


SOC 2 for Cloud Computing

October 09, 2011 Added by: Chris Schellman, CPA, CISSP, PCI QSA

SOC 2 reports allow cloud providers to communicate information about their services and the suitability of the design and operating effectiveness of their controls to prospective and existing customers in a well-known format that is nearly identical to an SSAE 16 report...

Comments  (2)


Abusing Windows Virtual Wireless NIC Feature

October 09, 2011 Added by: Kyle Young

If the victim computers are part of a Windows domain and have wireless NICs, by automating Metasploit with a pass-the-hash attack and using my script, one could essentially automate deploying a series of rogue ap points throughout a domain. This would be kind of like a network worm...

Comments  (1)


The Lexicon Wars and Impediments to Cybersecurity

October 08, 2011 Added by: Joel Harding

What is cyberwar? Someone claimed that denying, degrading or destroying data on a network would be cyberwar. I admit, that would be bad, but by no stretch of the imagination would one single incident be considered a cyberwar. Of course, it honestly would depend on the targeted network...

Comments  (7)


Security Risk Management

October 07, 2011 Added by: Tony Campbell

The author explores the risk management lifecycle, describes methodologies for qualifying and quantifying risk and levels of risk, and provides examples of how these can best be described and/or presented at a senior management level...

Comments  (0)


Study Shows Banks Blocking More Fraud

October 07, 2011 Added by: Robert Siciliano

The FS-ISAC consists of a group of banks that shares threat information and interacts with the federal government on critical infrastructure issues. Its members include Citi, Prudential, Bank of America, JPMorgan Chase, Goldman Sachs and Wells Fargo, among others...

Comments  (0)


Don't Miss the Security BSides Kansas City Event

October 07, 2011 Added by: Security BSides

Each BSides is a community-driven framework for building events for and by information security community members. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening. You don’t want to miss it...

Comments  (0)