September 15, 2013 Added by:Matthijs R. Koot
On September 13th 2013, the Dutch government responded (.pdf, in Dutch) to the revelations by Edward Snowden. Unfortunately, that response is currently only available in Dutch. I decided to translate it to English.
August 26, 2013 Added by:Patrick Oliver Graf
Experts warn that within the next several years, the RSA public key cryptography system could even potentially become obsolete. If that is the case, how will enterprises be able to ensure secure remote access in the near-future?
August 02, 2013 Added by:Patrick Oliver Graf
With many documents critical to matters of national security being accessed on a daily basis, government agencies must ensure that all users trying to establish connections of any type to their networks are who they say they are, that they are authorized to access locations that they are connecting to and that all communications are encrypted.
August 01, 2013 Added by:Jon Stout
There are powerful integrated security dashboards that can be installed and modified to meet each user’s particular needs. Now a company can create hundreds if not thousands of employee cyber warriors with a relatively small investment.
June 24, 2013 Added by:Larry Karisny
Knowing the reality and reasons behind cyberattacks, it’s time to stop talking and start offering resolution to these serious problems. There is no "it won’t happen to me" anymore. We must immediately deploy prevention and detection technologies to our critical processes or frankly, we could lose it all.
May 09, 2013 Added by:Michael Fornal
A security check list is a list of security controls that a vendor or application must meet. These controls can range from how storage back up is to be done, to password complexity requirements. Having a checklist can help you in deciding if the application or vendor conforms to your company’s security requirements.
April 05, 2013 Added by:Simon Moffatt
As the devices becomes smarter, greater emphasis is placed on the data and services those devices access. Smartphones today come with a healthy array of encryption features, remote backup, remote data syncing for things like contacts, pictures and music, as well device syncing software like Dropbox. How much data is actually specifically related to the device?
March 28, 2013 Added by:Gary McCully
I thought it was time to write an update regarding the current state of websites that are using SSL/TLS to protect their web applications. Sadly, the current state of SSL/TLS is pretty pathetic. As of March 19, 2013 the SSL Pulse Project reported that many of the most popular sites on the Internet are still struggling with correctly implementing SSL!
February 19, 2013 Added by:Ben Rothke
When the IBM PC first came out 31 years ago, it supported a maximum of 256KB RAM. You can buy an equivalent computer today with substantially more CPU power at a fraction of the price. But in those 31 years, the information security functionality in which the PC operates has not progressed accordingly.
December 20, 2012 Added by:f8lerror
On to the fun stuff, to capture a hash we want to use the Metasploit capture SMB auxiliary module, which is located in auxiliary/server/capture/smb. Leave the default settings with the exception of the CAINPWFILE. Set this to output the file where ever you like...
December 17, 2012 Added by:Randall Frietzsche
We need a well-conceived set of administrative and technical controls - our policy, while still acknowledging that every living creature on the planet is organically attached to a smart device, must dictate that the user will follow the policy at risk of termination...
December 11, 2012 Added by:Kelly Colgan
Though it could create procedural challenges for the IRS and the U.S. Postal Service, Congress could solve the problem by simply refusing to issue refunds before April 15. That way they could see who has duplicate returns filed, and investigate before signing over checks to the bad guys...
December 04, 2012 Added by:Kelly Colgan
I’m a South Carolina taxpayer, and therefore, a potential victim of the massive South Carolina Department of Revenue Breach. I work in the identity theft and data risk industry, so when I heard about how everything was being handled and what was being offered, I was upset...
November 20, 2012 Added by:gaToMaLo r. amores
By denying terrorist and criminals groups access to their money, authorities can stop them buying munitions and paying for suicide bombers. This approach has been highly successful in identifying and dismantling terrorist networks. Now they need to adapt and learn how this new DC works because it cannot be stopped...
November 20, 2012 Added by:Ben Rothke
Key management is one of the most important aspects of cryptography and often the most difficult. Part of the difficulty around key management is at the user level, with key updates, passphrase management and more. Ultimately, effective key management is essential to the underlying security of the cryptosystem...
November 19, 2012 Added by:Bill Mathews
That’s right, I got an email with my username and password listed right there. That probably doesn’t anger normal people (let alone drive them to write an article about it), but I have never been accused of being normal so I’m pretty annoyed. Here, in no particular order, are my reasons for the anger and frustration...
Indicators of Compromise for Malware Used by... Jeanson Ancheta on 12-22-2014
Paying Lip Service (Mostly) to User Educatio... Sherrley Max on 12-20-2014
Update 3: Hackers May Leak Norton Antivirus ... Prabhas Raju on 12-19-2014