Latest Posts

Mobile and Wireless Security: TakeDownCon Las Vegas

October 19, 2011 Added by: Infosec Island Admin

Due to the rapid escalation of threats affecting wireless operations, TakeDownCon Las Vegas now brings you a highly technical platform which addresses highly technical knowledge which focuses on securing your channels, your data, and ultimately and most importantly – your very own privacy...

Comments  (0)

A New Approach to Data Centric Security

October 18, 2011

Data has to be independently classified based on availability, integrity and confidentiality. It needs to be data centric, not focusing on the systems or databases so that while data “travels” through the infrastructure it will keep these attributes without relying on source systems...

Comments  (0)

A High Level Methodology to Show Due Diligence

October 18, 2011 Added by: David Sopata

Acquisitions, mergers, and new services may introduce new regulations within an organization. If they are not properly maintained they can fluctuate from compliant to non-compliant within any given day. So the question is: Does your organization show due care and due diligence?

Comments  (0)

The CERT Oracle Secure Coding Standard for Java

October 18, 2011 Added by: Ben Rothke

The CERT Oracle Secure Coding Standard for Java is an invaluable guide that provides the reader with the strong coding guidelines and practices in order to reduce coding vulnerabilities that can lead to Java and Oracle exploits...

Comments  (0)

Anonymous, SCADA, Lulz, DHS, and Motivations

October 18, 2011 Added by: Infosec Island Admin

The motivations of DHS have also been called into question by some. This is especially prescient since they take pains to say that the Anonymous movement “most likely” does not have the technical means and motive to really pull off these types of attacks on the infrastructure. So why even bother?

Comments  (0)

Think You’re Protected? Think Again...

October 18, 2011 Added by: Robert Siciliano

Now as companies leverage the power of the web, information security has evolved yet again: We are in the application security era. And as big companies get better at locking down their software and protecting their data, criminals are targeting the little guy...

Comments  (0)

Air Force Drones Were Hit by Online Gaming Malware

October 18, 2011 Added by: Headlines

The UAV drone systems were not the target of the malware. Instead, according to an anonymous defense official, the malware discovered was the kind that is “routinely used to steal log-in and password data from people who gamble or play games like Mafia Wars online...”

Comments  (1)

Security BSides Atlanta is Back!

October 18, 2011 Added by: Security BSides

The goal is to expand the conversation beyond the traditional confines. BSides creates opportunities to both present and participate in an atmosphere that encourages collaboration. It is where conversations for the next-big-thing are happening. You don’t want to miss it...

Comments  (0)

Security Investment to Focus on Utility Control Systems

October 18, 2011 Added by: Headlines

“Unfortunately, one thing has not changed. Cyber security is still way behind the attackers. Even where strong countermeasures exist, they are not consistently deployed, and most sophisticated attackers look at smart grids from a systemic perspective...”

Comments  (0)

Federal Cloud Technology Roadmap to be Introduced

October 18, 2011 Added by: Headlines

NIST’s role is to help accelerate the secure and effective adoption of cloud computing. The agency leads efforts to develop standards and guidelines and advance cloud computing technology in collaboration with standards bodies, businesses, and government agencies...

Comments  (0)

PCI Defense In Depth

October 17, 2011 Added by: PCI Guru

It has been more than five years since the “sa” default password debacle and yet you still encounter applications that use service accounts to access their database and those service accounts have no password. The rationale? “We did not want to code the password into the application...”

Comments  (0)

UK Government to Strengthen Cyber-Warriors Force

October 17, 2011 Added by: Stefano Mele

Prime Minister David Cameron presented a response to issues raised by the Intelligence and Security Committee (ISC) in its 2010–2011 Annual Report, which expressed concerns at the inability of GCHQ, the British intelligence service, to retain internet specialists to respond to threats...

Comments  (0)

Impact: The Biggest Security Breaches of All Time

October 17, 2011 Added by: Headlines

While 2011 may be the year of the breach, the record for overall breach impact is still held by credit card payment processor Heartland Payment Systems with over 130 million accounts affected and costs in the neighborhood of seven billion dollars...

Comments  (1)

How IPv6 and the Cloud Will Help Us be More Secure

October 17, 2011 Added by: Craig S Wright

Done correctly, IPv6 can make for extremely secure networks. By using Group Policy and a number of other tools with Linux or Mac it is possible to make a secure mobile network. It is more difficult under IPv4 due to the constraints on the protocol and the nature of DHCP (against DHCPv6)...

Comments  (2)

Indian Team Takes Global CyberLympics Regional Title

October 17, 2011 Added by: Headlines

“We are very honored to have this initiative supported by key players in the information security community, including IMPACT, the cybersecurity executing arm of the United Nations, and also appreciative to GITEX, one of the 3 largest ICT exhibitions in the world, for being such good hosts...”

Comments  (0)

The Great Infosec Cop-Out?

October 17, 2011 Added by: Javvad Malik

Often, security people find ways to pass the blame onto our end users. In some cases this is justified; but not all the time. And because of this, I feel it’s come to be one of the biggest cop-outs in the field of information security...

Comments  (0)

NIST Guide for Monitoring Information Systems Security

October 17, 2011 Added by: Headlines

Information Security Continuous Monitoring for Information Systems and Organizations provides guidance for information security monitoring in all types of systems – a term that encompasses not only computer networks but also a host of other interconnected devices and software...

Comments  (0)

To Pen Test or Not to Pen Test, That is the Question...

October 16, 2011 Added by: Andrew Weidenhamer

A penetration assessment is simply used as a means to identify vulnerabilities and provide proof of concept on exploiting these vulnerabilities. It effectively better explains ratings associated with vulnerabilities which produces more conscious security professionals...

Comments  (6)

File Forensics: Unzipping Word Docs to See XML Source

October 16, 2011 Added by: Dan Dieterle

Run the Docx file through an unzip program and you can see several files and folders full of XML data. You will also find information that could be very useful for forensics, including file revision, creation and modify dates, document creator and the last person to modify the document...

Comments  (1)

IT Skill and Salary Trends 2011

October 16, 2011 Added by: Bill Gerneglia

The demand for certain IT skills comes and goes with the economy. Certain skills are always in demand and others to a lesser degree. As an IT worker are you earning what you are worth? As an IT manager are you paying too much or too little to your IT staff?

Comments  (0)