January 03, 2012 Added by:Malgorzata Skora
Physical security can’t be overstated with high value targets such as the Nuclear Power plants in Iran and the U.S. Governments Secret SIPR networks being victims to physical layer compromise. If there’s one guaranteed way to gain access to any network, it’s with a physical layer exploit...
January 03, 2012 Added by:security curmudgeon
Infosec Media's aggregation does not honor fair use quoting, and does not respect copyright. For each article, the original title is left intact but the byline is stripped. This practice is not acceptable by any standards in journalism or information security...
January 03, 2012 Added by:Jeffrey Carr
I'm not accusing Michael Mooney of being involved. I am, however, stating that attacks by insiders who hold a grudge against their employer are common and Mooney's position along with the circumstances around his departure will certainly be explored by law enforcement...
January 03, 2012 Added by:Electronic Frontier Foundation
At EFF we are big fans of HTTPS, the secure version of HTTP that allows for private conversations between websites and users who are browsing them. Though we've known that this system has been flawed for a while now, last year there were two attacks that acutely demonstrated just how brittle it is...
How many more companies believe they can get by with half-baked security? Why are budgets being cut for information security by CIOs who just don’t get it? Why is it that organizations do business with other organizations without performing due diligence on the entity?
January 02, 2012 Added by:Dan Dieterle
Hashcat is a multi-threaded cracker, so if your CPU can run several threads, it will use them. But the real speed comes into play when using the horsepower of a GPU. If your GPU can run hundreds of threads, all of this power is used to break passwords...
January 02, 2012 Added by:Bill Gerneglia
"Instead of requesting that a third-party security vendor conduct testing on the enterprise's behalf, the enterprise will be satisfied by a cloud provider's certificate stating that a reputable third-party security vendor has already tested its applications."
December 31, 2011 Added by:Rafal Los
Unless your cave doesn't get the news, you've seen the barrage of and hacking over the past several months. If experience teaches us anything these folks are holding the final nail in the coffin of Internet freedom as it's driven in by the government they fear...
December 31, 2011 Added by:Larry Karisny
Curt Massey spent a 35-year career protecting our national security. His military service, civilian law enforcement, corporate security and military contracting experiences have imbued him with the unpleasant knowledge of our core vulnerabilities and a visceral drive to build a team capable of finding answers...
December 30, 2011 Added by:Infosec Island Admin
If you really want to see why so much has happened with Anonymous, WikiLeaks, Manning, and OWS you need only look toward Capitol Hill and smell the rank problem that is our governing body. We have are at an apex that has reached the lows of the Roman empire in its decline...
December 30, 2011 Added by:Robert Siciliano
One of my holiday traditions is to expose the year’s phishing scams. The following examples come straight from my inbox or spam filter, and have been abbreviated to demonstrate the nature of the scam and specific hook being used...
December 29, 2011 Added by:Rafal Los
How much access do those employees and system administrators have to your critical intellectual property, company secrets and other secret information? And how often do they take a peek behind the curtain... you know, just for curiosity?
December 29, 2011 Added by:Kevin L. Jackson
These continuing education programs provide a solid technical background in modern web services deployment and administration. Students will learn concepts, principles, techniques, and practices needed to administer and secure a modern cloud-enabled business environment...
December 29, 2011 Added by:Theresa Payton
Companies are coming up with new technologies to not only spoof your number but to also disguise your voice. This could be scary in the wrong hands. One product, CallerIdFaker, asks you to tape the call as it happens and then share it on their website. Are you laughing yet?
December 29, 2011 Added by:Headlines
SP 800-155 explains the fundamentals of BIOS integrity measurement to determine if the BIOS has been modified and how to report changes. The publication provides detailed guidelines to vendors that develop products to support secure BIOS integrity measurement mechanisms...
Hacker to Release Symantec's PCAnywhere Sour... Jerry Shaw on 10-05-2015
PoS Malware Kits Rose in Underground in 2014... on 03-17-2015
New PCI Compliance Study... on 03-17-2015