Technology

Ba829a6cb97f554ffb0272cd3d6c18a7

Father Noel Delivers His Second Lump of "LulzXmas" to Stratfor

December 27, 2011 Added by:Kevin McAleavey

While many of us were nestled in our beds and enjoying Christmas day with family and friends, opening our gifts and downing the holiday grog, a nasty lump of coal was left once again under the tree for Stratfor by the LulzSec/Lulzboat crew...

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Want Rapid Feedback? Try a Web Application Security Scan

December 27, 2011 Added by:Brent Huston

While this service finds a number of issues and potential holes, we caution against using it in place of a full application assessment or penetration test if the web application in question processes critical or highly sensitive information...

Comments  (0)

44fa7dab2a22dc03b6a1de4a35b7834a

IT Trends for 2011 and Beyond

December 25, 2011 Added by:Bill Gerneglia

CIOs and senior IT business decision makers must maintain a focus on specific trends that will effect the industries in which they compete. You should already be thinking about how technology is going to help shape your business far into the future. CIOs have to be forward-thinking...

Comments  (0)

888605c6c25c19e41bbbb986ea6d43c1

The Human Factor

December 24, 2011 Added by:Jim Palazzolo

When we truly understand that every server we secure, policy enforced, card swipe device locked down, banking website code scrubbed, and public facing connection port blockaded has a human being at the end we will then fully grasp the concept of "defense-in-depth"...

Comments  (0)

959779642e6e758563e80b5d83150a9f

The Tao of GRC

December 23, 2011 Added by:Danny Lieberman

Effective GRC management requires neither better mathematical models nor complex software. It does require us to explore new threat models and go outside the organization to look for risks we’ve never thought about and discover new links and interdependencies that may threaten our business...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

The Security Impact of Performance

December 22, 2011 Added by:Rafal Los

DDoS is being used as a tool that has turned poor performing systems into weapons against their implementers. It proves that no matter how big the pipe you have, it's possible to push so much traffic that the odds of handling it properly and staying available are virtually zero...

Comments  (2)

69dafe8b58066478aea48f3d0f384820

ICS-CERT: WellinTech’s Kingview SCADA Vulnerability

December 22, 2011 Added by:Headlines

"An attacker can exploit this vulnerability by sending a specially crafted packet to Port 777/TCP that exceeds a specified length and contains executable code... Successful exploitation of the heap overflow vulnerability could allow a remote attacker to cause the service to crash..."

Comments  (0)

8c4834b99847b9f7c9ee94b45df086f9

The State of Solid State

December 21, 2011 Added by:Emmett Jorgensen

Solid state disks are more reliable because SSDs do not contain any moving parts. There are no read heads, actuator arms or spinning platters that can break down in an SSD. SSDs can be moved around freely while in use and have a higher tolerance against shock and vibration than HDDs...

Comments  (1)

296634767383f056e82787fcb3b94864

Why I Oppose the Twelve Chinese Hacker Groups Claim

December 21, 2011 Added by:Jeffrey Carr

Senators and Congressmen don't have enough knowledge about cybersecurity to discern truth from fiction, so what starts off as questionable analysis soon becomes terrible government policies, especially when it is advocating for civilian companies to counterattack a nation's network...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

ICS-CERT: 7-Technologies IGSS Data Server Vulnerability

December 21, 2011 Added by:Headlines

"This vulnerability can be exploited by sending a specially crafted packet to Port 12401/TCP. A successful exploit will cause a buffer overflow that can result in a remote DoS against the 7T Data Server application on the targeted host..."

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

How Not to Recruit Spies Online and Off

December 21, 2011 Added by:Infosec Island Admin

One must look at the range and breadth of companies and entities being broken in to by the likes of China to see that no one is exempt. Know the ins and outs of the technology as well as the spook landscape, especially if you work in infosec today, lest you become the next target...

Comments  (2)

Fc152e73692bc3c934d248f639d9e963

The MPLS Privacy Debate Continues

December 21, 2011 Added by:PCI Guru

Given that at some point MPLS traffic has to technically co-mingle with other customers’ network traffic, how can the PCI SSC claim that MPLS is private? The answer is a bit disconcerting to some, but for those of us with an understanding of the engineering issues, it was expected...

Comments  (1)

B64e021126c832bb29ec9fa988155eaf

Analyzing Passwords for Patterns and Complexity

December 20, 2011 Added by:Dan Dieterle

This is a great tool to see patterns in password security. After years of users being warned about password security, it is disheartening to see the majority of users are still using simple passwords. More alarming is the number of password dumps available from compromised websites...

Comments  (0)

44fa7dab2a22dc03b6a1de4a35b7834a

Fed CIO: Minimum Security Standards Set for Cloud Providers

December 20, 2011 Added by:Bill Gerneglia

The FedRAMP was established to provide a standard approach to Assessing and Authorizing cloud computing services. FedRAMP allows joint authorizations and continuous security monitoring services for Government and Commercial cloud computing systems intended for multi-agency use...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Data Loss Prevention - Step 3: Engage Physical Security

December 20, 2011 Added by:Rafal Los

While often missed, this component of security is one of the most critical when it comes to understanding, and fighting the loss of data in your organization in a very real, tangible way. There are three types of threats you want to be aware of from the physical perspective...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

ICS-CERT: Invensys Wonderware InBatch ActiveX Vulnerability

December 20, 2011 Added by:Headlines

"Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code or cause a denial of service (DoS) on systems with affected versions of Wonderware InBatch Runtime Client components," the ICS-CERT advisory warns...

Comments  (0)

Page « < 106 - 107 - 108 - 109 - 110 > »