Items Tagged with "Attacks"
Four Tips for Teaching Your Staff About Social Engineering
April 12, 2012 Added by:Brent Huston
Social engineering, the process of obtaining confidential information through tricking people to do things they should not do; is on the rise. So how can you help your staff recognize social engineering before it’s too late? Here are a few tips...
Comments (0)
Jihadi Sites Fall Down, Go Boom... Again
April 09, 2012 Added by:Scot Terban
At first I thought that players in the patriot hacker movement may have been involved, but it seems more so now that all points to a concerted action by governments. The hacking of the sites likely was done via bad installs of PHP and SQL on the boxes that the databases resided on...
Comments (0)
Campaign Targeting Activists Escalates with New Surveillance Malware
April 09, 2012 Added by:Electronic Frontier Foundation
The malware installs a remote administration tool called DarkComet RAT, which can capture webcam activity, disable the notification setting for certain antivirus programs, record key strokes, steal passwords, and more...
Comments (0)
The Information Security OODA Loop Part 5: Act
April 07, 2012 Added by:Rafal Los
Practicing the OODA Loop for incident response is critical to making sure you avoid panic-induced decisions which could be catastrophic. If you're already formulating excuses as to why you won't be able to practice - just forget this altogether...
Comments (0)
One-Day Exploits, Binary Diffing and Patch Management
April 05, 2012 Added by:Pierluigi Paganini
One-Day exploits have a reduced possibility of success due the potential for patching by a target, but the attacks are still insidious and cheaper in comparison to Zero-Days - it's quite simple to retrieve the information on the internet and use tools to commit the attacks...
Comments (0)
The Information Security OODA Loop Part 4: Decide
April 05, 2012 Added by:Rafal Los
There are any number of possible decisions to be made in an infosec OODA Loop cycle. Sometimes the most basic decision to be made is whether to act or to hold your position. Too often infosec tends to look at a potential event and assume that the response must be action...
Comments (0)
The Information Security OODA Loop Part Three - Orient
April 03, 2012 Added by:Rafal Los
In infosec, if you've worked at companies who are doing security poorly and getting ravaged by hackers your first inclination may be desperation when your digital assets are under attack. It's hard to completely wipe the slate clean from previous experiences...
Comments (0)
Taking the Crowbar to Cyber-Denying Eyes
April 03, 2012 Added by:Don Eijndhoven
Making your own arbitrary definition of Cyber Warfare and discounting MOUNTAINS of evidence that undermine your point isn't very scholarly to say the least. Can we please stop giving a stage to these people who are obviously cherry-picking their way to an uninformed argument?
Comments (9)
DHS: Don’t be Fooled by Too Good to be True Websites
April 03, 2012 Added by:Headlines
According to a recent report, the fan craze created by the film The Hunger Games has created the perfect opportunity for devious cybercriminals to take advantage of Internet users. While clicking on a link may seem innocent enough, it can actually infect your device...
Comments (0)
We Need Better Defensive Tools
April 03, 2012 Added by:Gabriel Bassett
Marketers, Google, Facebook, can piece information together to identify you even when you don't say who you are. Banks, online video games, and major web services can degrade service based on perceived threats. It's time for infosec to build such tools to execute a better defense...
Comments (0)
Operation Luckycat Targets Tibet, Japan and India
April 02, 2012 Added by:Pierluigi Paganini
Of course, the involvement of Gu Kaiyuan doesn't prove the campaigns are officially sponsored by the Chinese government, but the targets chosen leads the experts believe that the Beijing government is behind the Operation Luckycat attacks...
Comments (0)
It’s Data Breach Report Season: Beware Of Partial Truths
April 02, 2012 Added by:Josh Shaul
At the end of the day, these reports are important. They provide much needed insight into at least some data breaches. But we have to accept that this isn't the U.S. Census. We must learn what we can from them without becoming hypnotized by the hype that can surround them...
Comments (1)
The First Cyber Shot in a Chinese Jasmine Spring
April 02, 2012 Added by:Joel Harding
This does not look like a US military action against China, that is certain. Whoever put the message together seems to be dumbing it down to aid in translation. It’s as if it’s intended for an American audience, but nobody in their right mind would or should do that...
Comments (0)
The Information Security OODA Loop Part Two - Observe
April 02, 2012 Added by:Rafal Los
Infosec is in a constant chess match with the opposition. In order to have some way of fighting this asymmetric digital warfare, we need to have an organized, formalized way of identifying current threats and reacting in near-real-time in order to reach a state of detente...
Comments (0)
What is Aurora and Why is it a Risk to Grid Reliability?
March 30, 2012 Added by:Joe Weiss
Aurora is a gap in the protection of the electric grid. It is a basic physics property - an out-of-phase condition that cannot be seen by the operator and can NOT be addressed by traditional mitigation. The only means to prevent an Aurora event is by physical hardware mitigation...
Comments (0)
Duqu Cyber Weapons Factory Still Operating
March 29, 2012 Added by:Pierluigi Paganini
I graphed the data supplied by leading teams involved in research on Duqu. Does the fact that the majority of instances have been identified in Sudan and Iran suggest something? Have you still doubts about who may have developed this powerful family of cyber weapons?
Comments (0)
Your Own Private Island
December 24, 2011Coming Soon! Build your own Island right here!
Make your home Infosec Island with your own private vanity URL, design options and private network of followers.
Infosec Island v2
December 24, 2011The latest version of Infosec Island is now available. There are more content options and more ways to connect and interact with your peers.
Thanks to everyone for a great year, and we're looking forward to an excellent 2012!