Was Stratfor Breached By an Insider?

January 03, 2012 Added by:Jeffrey Carr

I'm not accusing Michael Mooney of being involved. I am, however, stating that attacks by insiders who hold a grudge against their employer are common and Mooney's position along with the circumstances around his departure will certainly be explored by law enforcement...

Comments  (4)


Ever-Clearer Vulnerabilities in Certificate Authority System

January 03, 2012 Added by:Electronic Frontier Foundation

At EFF we are big fans of HTTPS, the secure version of HTTP that allows for private conversations between websites and users who are browsing them. Though we've known that this system has been flawed for a while now, last year there were two attacks that acutely demonstrated just how brittle it is...

Comments  (0)


Stratfor Hack Proves a Few Things

January 03, 2012 Added by:

How many more companies believe they can get by with half-baked security? Why are budgets being cut for information security by CIOs who just don’t get it? Why is it that organizations do business with other organizations without performing due diligence on the entity?

Comments  (0)


Crazy Fast Password Recovery with Hashcat

January 02, 2012 Added by:Dan Dieterle

Hashcat is a multi-threaded cracker, so if your CPU can run several threads, it will use them. But the real speed comes into play when using the horsepower of a GPU. If your GPU can run hundreds of threads, all of this power is used to break passwords...

Comments  (1)


Gartner: Top Predictions for 2012 and Beyond

January 02, 2012 Added by:Bill Gerneglia

"Instead of requesting that a third-party security vendor conduct testing on the enterprise's behalf, the enterprise will be satisfied by a cloud provider's certificate stating that a reputable third-party security vendor has already tested its applications."

Comments  (0)


Hacktivism: The End Result Versus the End Goal

December 31, 2011 Added by:Rafal Los

Unless your cave doesn't get the news, you've seen the barrage of and hacking over the past several months. If experience teaches us anything these folks are holding the final nail in the coffin of Internet freedom as it's driven in by the government they fear...

Comments  (0)


Cybersecurity in Today's World

December 31, 2011 Added by:Larry Karisny

Curt Massey spent a 35-year career protecting our national security. His military service, civilian law enforcement, corporate security and military contracting experiences have imbued him with the unpleasant knowledge of our core vulnerabilities and a visceral drive to build a team capable of finding answers...

Comments  (0)


On 2011: The Year of System Failure

December 30, 2011 Added by:Infosec Island Admin

If you really want to see why so much has happened with Anonymous, WikiLeaks, Manning, and OWS you need only look toward Capitol Hill and smell the rank problem that is our governing body. We have are at an apex that has reached the lows of the Roman empire in its decline...

Comments  (2)


Feast of the Seven Phishes 2011

December 30, 2011 Added by:Robert Siciliano

One of my holiday traditions is to expose the year’s phishing scams. The following examples come straight from my inbox or spam filter, and have been abbreviated to demonstrate the nature of the scam and specific hook being used...

Comments  (0)


Analyzing the Poneman Study on Privileged Users

December 29, 2011 Added by:Rafal Los

How much access do those employees and system administrators have to your critical intellectual property, company secrets and other secret information? And how often do they take a peek behind the curtain... you know, just for curiosity?

Comments  (0)


CloudMASTER and CloudGURU Certifications

December 29, 2011 Added by:Kevin L. Jackson

These continuing education programs provide a solid technical background in modern web services deployment and administration. Students will learn concepts, principles, techniques, and practices needed to administer and secure a modern cloud-enabled business environment...

Comments  (0)


Nothing Funny About CallerIDFaker

December 29, 2011 Added by:Theresa Payton

Companies are coming up with new technologies to not only spoof your number but to also disguise your voice. This could be scary in the wrong hands. One product, CallerIdFaker, asks you to tape the call as it happens and then share it on their website. Are you laughing yet?

Comments  (1)


On Input Validation

December 29, 2011

Input validation is a good security principle based on your application looking at what’s being asked of it and deal in a secure manner. It’s not always fool proof, but goes a long way...

Comments  (0)


NIST Guidelines: Protecting Computers at Start-Up

December 29, 2011 Added by:Headlines

SP 800-155 explains the fundamentals of BIOS integrity measurement to determine if the BIOS has been modified and how to report changes. The publication provides detailed guidelines to vendors that develop products to support secure BIOS integrity measurement mechanisms...

Comments  (0)


The Next Cyber Weapon: Hypothesis on Stuxnet Three

December 28, 2011 Added by:Pierluigi Paganini

These are works in progress and they will be improved with components developed to attack strategic targets. Which are the features that we believe may be present in future versions of these dreaded malware? Asking yourself this question is crucial to guide research...

Comments  (0)


Data Center Complexity and Clarity Around Outages

December 28, 2011 Added by:Ben Kepes

Things like physical security, multiple redundant power and networks to incredibly complex networking and load balancing components – the modern data center is an incredibly complex beast. And yet they still suffer outages...

Comments  (0)

Page « < 106 - 107 - 108 - 109 - 110 > »