Technology

F29746c6cb299c1755e4087e6126a816

The Cyber Security Casino: Betting with House Money

December 15, 2011 Added by:Kelly Colgan

Identifying threats is an offensive tactic. It’s a close monitoring of the system at hand and the cyber news media. It’s easier to be protective when you understand what kinds of hackers, criminal, or nation states are after your system’s data. Know how to handle toxic data...

Comments  (0)

Bbb285308604bc5fbb9b43590d0501f6

Security BSides Planning Epic Phoenix Event

December 15, 2011 Added by:Security BSides

Bummed out after Snowmageddon? Want a nice hot (at least warmer) change of scenery? Arizona is hosting its first ever BSides during one of the best times of year. We aim to provide the highest quality talks, hands on training and workshops. We also have cactus...

Comments  (0)

6648b1abd4a9b964566c3690613f20a6

Following the Trail of Web-Based Malware

December 15, 2011 Added by:Mark Baldwin

The main.php script contained javascript that attempted to exploit several potential vulnerabilities. I downloaded the script and analyzed it. By inserting an “alert” statement into the script prior to the actual execution of the code, we can get a good idea of what the script does...

Comments  (0)

Fe3139b2aae983885565da7757da08a8

Google Wallet and the Edge of PCI’s Regulatory Map

December 14, 2011 Added by:Ed Moyle

Folks might object to sensitive data being stored in cleartext within Google Wallet - I sure do - but the problem isn't so much Google Wallet but instead the fact that mobile devices are blurring the lines between what's a payment application and what's not...

Comments  (0)

1a490136c27502563c62267354024cd5

PenTest: Get to Know Yourself Before Others Do

December 14, 2011 Added by:Malgorzata Skora

With multi-tier network architectures, web services, custom applications, and heterogeneous server platform environments, keeping data assets secure is more difficult than ever. Coupled with this complexity is the fact that criminal organizations have organized their hacking efforts...

Comments  (1)

49afa3a1bba5280af6c4bf2fb5ea7669

Three Things Experts Won't Tell You About Cloud Security

December 14, 2011 Added by:Mike Meikle

Carefully crafted and monitored SLAs to keep vendors in check, mandating FIPS 140-2 certification of potential vendors and benefiting from vendor technology investments (economies of scale) can add significant weight to cloud solution providers being more secure than in-house solutions...

Comments  (1)

B64e021126c832bb29ec9fa988155eaf

Windows Phone Denial of Service Attack Vulnerability

December 14, 2011 Added by:Dan Dieterle

"The attack is not device specific and appears to be an issue with the way the Windows Phone messaging hub handles messages. The bug is also triggered if a user sends a Facebook chat message or Windows Live Messenger message to a recipient..."

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Cybersecurity in Waste Water and Water Control Systems

December 14, 2011

The first of a monthly webinar series on Industrial Control System (ICS) Cybersecurity is now available for review in this video. This session provides insight for those interested in ICS Cybersecurity including policy makers, asset owners, vendors, consultants and integrators....

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Data Loss Prevention: Step 2 - Manage Privileges

December 13, 2011 Added by:Rafal Los

Getting back to basics is critical, and one of the most basic of basics is managing the rights to your data, your systems, and your critical operations. Let's take a critical, step-by-step look at how managing privileges can greatly decrease your likelihood of leaking data...

Comments  (0)

71d85bb5d111973cb65dfee3d2a7e6c9

Don't Fall Victim to Poor Network Segmentation

December 13, 2011 Added by:f8lerror

If an attacker compromises the DMZ, it is important to stop them there. Firewalls and segmentation is the key to this. Should a user have unlimited access to the internal network from a Citrix server or VPN? Or be able to connect to file shares, internal web applications, and databases?

Comments  (0)

959779642e6e758563e80b5d83150a9f

Case Study: A Cloud Security Assessment

December 13, 2011 Added by:Danny Lieberman

A client asked us to find a way to reduce risk exposure at the lowest cost. Using the Business Threat Modeling methodology and Practical Threat Analysis software, we were able to mitigate 80% of the total risk exposure in dollars at half the security budget proposed by the vendor....

Comments  (1)

7fef78c47060974e0b8392e305f0daf0

ENISA on Cyber Security: Future Challenges and Opportunities

December 13, 2011

Our society has become irreversibly dependent on Information and Communication Technologies (ICTs). Unfortunately, the adoption of them has been accompanied by the development of a new set of cyber threats which are developing in ever more rapid, sophisticated and sinister ways...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Data Loss Prevention - Step 1: Know What's Important

December 12, 2011 Added by:Rafal Los

It's important to understand what your company does and then figure out what the critical bits are. Sometimes it's your customer lists, or a secret ultra-high efficiency engine design, or the next big thing in stealth bombers. The point is that you simply need to know your business...

Comments  (0)

Ad5130e786d13531cc0f2cde32dacd0f

PCI DSS Risk SIG Announced: Results Will Be Interesting

December 12, 2011 Added by:Andrew Weidenhamer

The one that I am most interested in seeing is the results of is the Risk Assessment SIG. Although IT Risk Assessments has been a term that has been used for decades now, they are still rarely performed and almost always poorly when they are in regard to effectively considering threats...

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

Merchant Beware – New Mobile Payment Solution in the Wild

December 12, 2011 Added by:PCI Guru

Even if Square’s software encrypts the data, the underlying OS will also collect the data in cleartext. Forensic examinations of these devices have shown time and again that regardless of what the software vendor did, the data still existed in memory unencrypted...

Comments  (0)

4c1c5119b03285e3f64bd83a8f9dfeec

Closing the Gate Before the Horse Bolts – On Passwords for the Cloud

December 12, 2011 Added by:Ben Kepes

Passwords it seems are both the bane of our existence and, apparently, the most important thing in our lives. Unfortunately the Cloud doesn’t really change this, good password protocols are as important in the Cloud as they were in an on-premise world and potentially even more so...

Comments  (0)

Page « < 106 - 107 - 108 - 109 - 110 > »