Latest Posts

69dafe8b58066478aea48f3d0f384820

Symantec: Spammers Creating Fake URL Shorteners

May 25, 2011 Added by:Headlines

“With legitimate URL-shortening services attempting to tackle abuse more seriously, spammers seem to be experimenting with ways to establish their own services to better avoid disruption... We expect spammers to continue abusing them..."

Comments  (0)

Dd9902bc56a9d85cdc62c00083ea4871

Human Error Leads to Third Strike for Sony

May 25, 2011 Added by:Katie Weaver-Johnson

Organizations who are unable to measure situational awareness at the individual level will continue to suffer expensive breaches. All individuals need to understand their individual roles and responsibilities for protecting sensitive and personal information...

Comments  (3)

69dafe8b58066478aea48f3d0f384820

Homemade Cyber Weapon On Par With Stuxnet Virus

May 25, 2011 Added by:Headlines

"The reaction by Siemens is the old school knee-jerk reaction: 'Just 'cus some kids can do it does not mean we are targeted'. Industrial control vendors and users have to take this very seriously. They are being targeted, they are vulnerable, and the repercussions could be expensive..."

Comments  (0)

924ce315203c17e05d9e04b59648a942

Modern Malware Defense

May 25, 2011

Ashar Aziz, founder of FireEye, recognized early on that malware, zero day threats, and drive by downloads could slip by defenses that most organizations have deployed. He built the technology to take executables off the wire and run them in a mini-cloud of virtual emulators...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Bank of America's $10 Million Dollar Breach Loss

May 25, 2011 Added by:Headlines

"It's a huge issue for all types of consumer information that is stored, and it's being heavily targeted by all kinds of breaches. Organized crime either had an employee planted or reached out to an employee and got them in on the hack. We're seeing this more and more..."

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Prescriptive Software Security Assurance for SMBs

May 25, 2011 Added by:Rafal Los

Can you handle the work it would take to ratchet up security on your applications? If you've got more than a dozen applications with more then 5 in the pipeline, you can figure on a single non-dedicated resource being able to handle one application security test per week, tops...

Comments  (0)

0dc5fdbc98f80f9aaf2b43b8bc795ea8

Fourteen Important Security Policy Strategies

May 24, 2011 Added by:Global Knowledge

In light of today's information economy, security is essential across every aspect of both small and large organizations. Without sensible security, an organization is at risk not only from malicious outsiders but also ill-intentioned employees or random mistakes...

Comments  (0)

53692ae1a8e713373b8a487ce89ee3e2

Affected by the PSN Breach? Here’s What to Do Next...

May 24, 2011 Added by:Tom Eston

Sony has not confirmed or denied that credit card data was stolen; however, as a customer you should take the following precautions when using a PS3 or any game console, including XBOX Live and Nintendo’s Wii and DS systems...

Comments  (0)

A7290c5bd7bc2aaa7ea2b6c957ef639b

Use of Facebook at Work Does Not Violate the CFAA

May 24, 2011 Added by:David Navetta

Frankly, had the court held otherwise virtually every employee with computer access around the country – or rather, at least within the Middle District of Florida - would have been subject to a CFAA counterclaim if fired and thereafter attempting to sue in response...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Could the IT Staff Hold Your Company Hostage?

May 24, 2011 Added by:Headlines

Report: "A significant number of IT staff could cause chaos for their organizations with their knowledge of and access to digital certificates and encryption keys due to lack of management controls and no separation of duties..."

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

Social Engineering Gains Ever More Credibility

May 24, 2011 Added by:PCI Guru

At the end of the day, everything in an organization’s security posture comes down to the people who interact with the information you are trying to protect. It only takes one person having a bad day to make all of an organization’s security technology and other controls impotent...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Anonymous Launches DDoS Attack on USChamber.com

May 24, 2011 Added by:Headlines

At the time of this article's publication, the U.S. Chamber website was experiencing intermittent downtime. Anonymous now seems to be probing the systems for other vulnerabilities, such as susceptibility to a SQL-based attack...

Comments  (0)

959779642e6e758563e80b5d83150a9f

On Data Retention – When Not to Backup Data

May 24, 2011 Added by:Danny Lieberman

How much damage would be incurred if there was breach? For the purpose of asset valuation, we distinguish between customer data without PII and customer data that may have PII. Let’s consider 4 key assets of a company that designs and manufactures widgets and sells them over the Internet...

Comments  (0)

9259e8d30306ac2ef4c5dd1936e67634

Management’s View of Information Security

May 23, 2011 Added by:Dejan Kosutic

One of the often misunderstood aspects of information security is that most of the problems (i.e. incidents) happen not because of technology, but because of human behavior. Most of the investments needed will be in defining new policies & procedures and in training & awareness programs...

Comments  (0)

44fa7dab2a22dc03b6a1de4a35b7834a

Is the Cloud More Secure Than a Physical Environment?

May 23, 2011 Added by:Bill Gerneglia

An advantage of the cloud in terms of security is that it is utility based. If you use a managed solution that is flexible, allowing you to pay for its utility, even if you are a small company, then security should be packaged in...

Comments  (0)

44a2e0804995faf8d2e3b084a1e2db1d

Dutch ISP KPN Admits to Deep Packet Inspection

May 23, 2011 Added by:Don Eijndhoven

On may 10th of this year at an investor meeting KPN's Director of Mobile Marco Visser played a hefty game of braggadocio by openly admitting to the use of Deep Packet Inspection (DPI) on its networks and being the first operator in the world to do so...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

LinkedIn SSL Leaves Accounts Vulnerable to Hijacking

May 23, 2011 Added by:Headlines

"There exists multiple vulnerabilities in LinkedIn in which it handles the cookies and transmits them over SSL. This vulnerability if exploited, can result in hijacking of user accounts, and/or modifying the user information without the consent of the profile owner..."

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Researcher Rebukes Siemens Over SCADA Exploits

May 23, 2011 Added by:Headlines

"The vulnerabilities are far reaching and affect every industrialized nation across the globe. This is a very serious issue. As an independent security researcher and professional security analyst, my obligation is not to Siemens but to their consumers..."

Comments  (10)

37d5f81e2277051bc17116221040d51c

Predators Using Social Media to Stalk Kids

May 23, 2011 Added by:Robert Siciliano

With the openness of social media, predators know what a kid likes, doesn’t like, who their friends are, and often their phone numbers, where they live, go to school, sports teams they play on etc. The list goes on and on...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Sony Networks Hit Twice More By Hackers

May 23, 2011 Added by:Headlines

"It is nearly impossible to run a totally secure Web presence, especially when you are the size of Sony. As long as it is popular within the hacker community to expose Sony's flaws, we are likely to continue seeing successful attacks against them..."

Comments  (0)