tagged w/ Interview
-
-
-
So where does SSL fit in? Well, we know that the vulnerabilities for a PHI data breach can not only happen inside any layer but in particular there are vulnerabilities in the system interfaces between layers. That means between server layers and client-server interfaces...
https://www.infosecisland.com/blogview/15874-Securing-Web-Servers-with-SSL.htmlSo where does SSL fit in? Well, we know that the vulnerabilities for a PHI data breach... more
-
-
-
A Qualified Security Assessor Company (QSAC) has finally had their status revoked by the PCI SSC. Based on the FAQ, it seems that CSO was not able to provide documentation that supported their conclusions regarding assessment opinions in their ROC's and ROV's they had issued...
https://www.infosecisland.com/blogview/16151-Kicked-Out-of-the-PCI-DSS-Club.htmlA Qualified Security Assessor Company (QSAC) has finally had their status revoked by... more
-
-
-
-
-
-
One important thing to note about Railgun is that you are querying the API, and just as if you were using C++, the API you are calling just might not be there on the system. So here is a quick trick to find out if a the function (API) that you are trying to call is available to you...
https://www.infosecisland.com/blogview/16029-Railgun-Error-Checking.htmlOne important thing to note about Railgun is that you are querying the API, and just... more
-
-
-
-
Cybercriminals are actually extremely rational. And not necessarily talking of hacktivists and others without a clear profit motive, but those with a drive to make money act extremely rationally. Consequently, there is a solution: Reduce their profit...
https://www.infosecisland.com/blogview/16163-Question-Why-Cybercrime.htmlCybercriminals are actually extremely rational. And not necessarily talking of... more
-
-
-
-
"DNSwatch will help you avoid known bad websites or sites that will trick your computer into downloading and installing malicious programs on your computer. Even better, DNSwatch will also prevent you from accessing malicious websites that you may not even know your computer is trying to access..."
https://www.infosecisland.com/blogview/16187-CERT-Malaysia-Releases-DNSwatch-Tool.html"DNSwatch will help you avoid known bad websites or sites that will trick your... more
-
-
Arguments surrounding APT will remain a battle of expert vs. expert - but how about we use some common sense for a moment? If YOU were an attacker, why would you bother attacking from your own fixed location? It would make more sense to attack from another country for deflection purposes...
https://www.infosecisland.com/blogview/16164-Advanced-Persistent-Monkey-See-Monkey-Do.htmlArguments surrounding APT will remain a battle of expert vs. expert - but how about we... more
-
-
-
-
"Cybercriminals... are increasingly using DDoS attacks as a diversionary tactic when launching more sophisticated attacks such as those on online banking systems. Complex attacks of this nature are particularly damaging in that they can cause significant losses for the financial institutions..."
https://www.infosecisland.com/blogview/16168-Q2-DDoS-Attacks-Some-Facts-and-Figures.html"Cybercriminals... are increasingly using DDoS attacks as a diversionary tactic... more
-
