Duqu: The Worst May Come for Critical Infrastructure

January 04, 2012 Added by:Pierluigi Paganini

The modular nature of Duqu should cause us to jump from our chairs. It is reasonable to assume that Duqu is a work in progress, and the ability to change its structure at different times using modules designed specifically for precise goals makes this malware unique and formidable...

Comments  (0)


Fallout from the Christmas Hack of Stratfor

January 03, 2012 Added by:Richard Stiennon

The most painful lesson the Stratfor hack is about to demonstrate is the importance of email security. Anonymous will be recruiting volunteers to analyze the 3.3 million emails they stole that have the potential for real harm equal to the infamous WikiLeaks State Department leak...

Comments  (0)


From PwnPlugs to Nuclear Power Plants...

January 03, 2012 Added by:Malgorzata Skora

Physical security can’t be overstated with high value targets such as the Nuclear Power plants in Iran and the U.S. Governments Secret SIPR networks being victims to physical layer compromise. If there’s one guaranteed way to gain access to any network, it’s with a physical layer exploit...

Comments  (0)


Serial Copyright Violations by 7Safe's

January 03, 2012 Added by:security curmudgeon

Infosec Media's aggregation does not honor fair use quoting, and does not respect copyright. For each article, the original title is left intact but the byline is stripped. This practice is not acceptable by any standards in journalism or information security...

Comments  (2)


Was Stratfor Breached By an Insider?

January 03, 2012 Added by:Jeffrey Carr

I'm not accusing Michael Mooney of being involved. I am, however, stating that attacks by insiders who hold a grudge against their employer are common and Mooney's position along with the circumstances around his departure will certainly be explored by law enforcement...

Comments  (4)


Ever-Clearer Vulnerabilities in Certificate Authority System

January 03, 2012 Added by:Electronic Frontier Foundation

At EFF we are big fans of HTTPS, the secure version of HTTP that allows for private conversations between websites and users who are browsing them. Though we've known that this system has been flawed for a while now, last year there were two attacks that acutely demonstrated just how brittle it is...

Comments  (0)


Stratfor Hack Proves a Few Things

January 03, 2012 Added by:

How many more companies believe they can get by with half-baked security? Why are budgets being cut for information security by CIOs who just don’t get it? Why is it that organizations do business with other organizations without performing due diligence on the entity?

Comments  (0)


Crazy Fast Password Recovery with Hashcat

January 02, 2012 Added by:Dan Dieterle

Hashcat is a multi-threaded cracker, so if your CPU can run several threads, it will use them. But the real speed comes into play when using the horsepower of a GPU. If your GPU can run hundreds of threads, all of this power is used to break passwords...

Comments  (1)


Gartner: Top Predictions for 2012 and Beyond

January 02, 2012 Added by:Bill Gerneglia

"Instead of requesting that a third-party security vendor conduct testing on the enterprise's behalf, the enterprise will be satisfied by a cloud provider's certificate stating that a reputable third-party security vendor has already tested its applications."

Comments  (0)


Hacktivism: The End Result Versus the End Goal

December 31, 2011 Added by:Rafal Los

Unless your cave doesn't get the news, you've seen the barrage of and hacking over the past several months. If experience teaches us anything these folks are holding the final nail in the coffin of Internet freedom as it's driven in by the government they fear...

Comments  (0)


Cybersecurity in Today's World

December 31, 2011 Added by:Larry Karisny

Curt Massey spent a 35-year career protecting our national security. His military service, civilian law enforcement, corporate security and military contracting experiences have imbued him with the unpleasant knowledge of our core vulnerabilities and a visceral drive to build a team capable of finding answers...

Comments  (0)


On 2011: The Year of System Failure

December 30, 2011 Added by:Infosec Island Admin

If you really want to see why so much has happened with Anonymous, WikiLeaks, Manning, and OWS you need only look toward Capitol Hill and smell the rank problem that is our governing body. We have are at an apex that has reached the lows of the Roman empire in its decline...

Comments  (2)


Feast of the Seven Phishes 2011

December 30, 2011 Added by:Robert Siciliano

One of my holiday traditions is to expose the year’s phishing scams. The following examples come straight from my inbox or spam filter, and have been abbreviated to demonstrate the nature of the scam and specific hook being used...

Comments  (0)


Analyzing the Poneman Study on Privileged Users

December 29, 2011 Added by:Rafal Los

How much access do those employees and system administrators have to your critical intellectual property, company secrets and other secret information? And how often do they take a peek behind the curtain... you know, just for curiosity?

Comments  (0)


CloudMASTER and CloudGURU Certifications

December 29, 2011 Added by:Kevin L. Jackson

These continuing education programs provide a solid technical background in modern web services deployment and administration. Students will learn concepts, principles, techniques, and practices needed to administer and secure a modern cloud-enabled business environment...

Comments  (0)


Nothing Funny About CallerIDFaker

December 29, 2011 Added by:Theresa Payton

Companies are coming up with new technologies to not only spoof your number but to also disguise your voice. This could be scary in the wrong hands. One product, CallerIdFaker, asks you to tape the call as it happens and then share it on their website. Are you laughing yet?

Comments  (1)

Page « < 106 - 107 - 108 - 109 - 110 > »