Items Tagged with "Encryption"
Congressional Testimony Reveals Security at NASA Lacking
March 02, 2012 Added by:Headlines
"In its fiscal year 2010 report to Congress on FISMA implementation, the OMB reported a Government-wide encryption rate for these devices of 54 percent. However, as of February 1, 2012, only 1 percent of NASA portable devices/laptops have been encrypted," Martin testified...
Comments (0)
LM Hash Flaw: Windows Passwords Easy to Crack
March 01, 2012 Added by:Dan Dieterle
The thing is that the lower security hashes are not present on the SAM stored on the hard drive. When the security accounts are loaded into active RAM, Windows re-creates the LM hashes. The LM Hash can be pulled from active RAM using the Windows Credential Editor (WCE)...
Comments (0)
AntiSec, Stratfor, WikiLeaks, and Much Ado about Nothing
February 29, 2012 Added by:Scot Terban
Some of us out there know a little bit about how intelligence works. While the likes of WikiLeaks rail about how some are using money and perhaps even sex to sway their sources, the reality is that this game has always been played this way. Intelligence is a dirty business...
Comments (2)
Secure Now or Forever...
February 24, 2012 Added by:Pamela Gupta
Traditional access control is simple, but permission-based access has become challenging – applications that request the user’s permission to access sensitive data explicitly. We are expecting users to be system administrators without adequate training, which is not feasible...
Comments (0)
Encryption: A Buzzword, Not a Silver Bullet
February 16, 2012 Added by:Danny Lieberman
Encryption, buzzword, not a silver bullet for protecting data on your servers. In order to determine how encryption fits into server data protection, consider four encryption components on the server side: passwords, tables, partitions and inter-tier socket communications...
Comments (0)
Researchers Discover Widespread Cryptographic Vulnerabilities
February 15, 2012 Added by:Electronic Frontier Foundation
The consequences of these vulnerabilities are extremely serious. In all cases, a weak key would allow an eavesdropper on the network to learn confidential information, such as passwords or the content of messages, exchanged with a vulnerable server...
Comments (0)
Twitter Finally Enables HTTPS as a Default Setting
February 14, 2012 Added by:Headlines
Among other security benefits, the HTTPS feature will prevent users from having their login credentials stolen by attackers who may attempt to harvest passwords when users access their accounts over unencrypted Wi-Fi networks...
Comments (0)
Data at Rest: Dormant But Dangerous
February 10, 2012 Added by:Simon Heron
Data is considered to be either ‘at rest’, ‘in transit’ or ‘in use.’ When putting security measures in place, it is important to consider all three states and address risks associated with each. This article examines data at rest and proposes strategies to minimize dangers...
Comments (0)
Encryption: On Hashing Basics
February 08, 2012 Added by:PCI Guru
Never store the obscured value along with the truncated value. Always separate the two values and also implement security on the obscured value so that people cannot readily get the obscured value and the truncated value together without oversight and management approval...
Comments (0)
Twelve Security Best Practices for USB Drives
February 07, 2012 Added by:Kelly Colgan
Portable and mobile storage devices are significant players in most corporate offices. Ensuring proper protection with a best practices policy and strict enforcement offers significant risk reduction—and can prevent long nights on data breach investigations...
Comments (1)
Data Loss Prevention Step 6: Encrypting Data at Rest
February 06, 2012 Added by:Rafal Los
Even if you did know where all your critical information is, you'd probably be powerless to control its sprawl. Let's face it, systems consume data and then become mobile - which is hardly something you can do anything about in a world where mobility is a key business driver...
Comments (2)
Hacking Satellite Communications
February 06, 2012 Added by:Pierluigi Paganini
We must consider that compromised satellites are a serious risk, that the exposure could affect communications in the business and military sectors, and could also cause the loss of sensitive and strategic technological information...
Comments (0)
How to Encrypt Your Email with PGP
February 06, 2012 Added by:Robert Siciliano
Pretty Good Privacy (PGP) “is a data encryption and decryption computer program that provides cryptographic privacy and authentication for data communication. PGP is often used for signing, encrypting and decrypting texts, E-mails, files, directories and whole disk partitions..."
Comments (0)
Data Loss Doesn’t Always Mean Getting Hacked
February 03, 2012 Added by:Robert Siciliano
Recently UCLA announced 16,000 patients were potential victims of identity theft because a doctor’s home office was broken into and data stolen. Data breaches cost big bucks. Encryption in this scenario failed due to a password on a sticky note near the laptop...
Comments (0)
The Difficult Life of a Mac in the Mixed Environment
February 02, 2012 Added by:Bozidar Spirovski
We are not abandoning the Mac - it is a great tool and an asset in our little lab. But in the current state of things, it takes a lot of effort and compromise to fully migrate to a Mac platform, especially since a multi-environment knowledge is required...
Comments (2)
Disappointing Ruling in Compelled Laptop Decryption Case
February 01, 2012 Added by:Electronic Frontier Foundation
A federal district court has handed down an unfortunate early ruling in a case. Prosecutors asked the court to force the defendant to either type an encryption passphrase into the laptop to decrypt the information or turn over a decrypted version of the data...