Cisco’s existing product lines offer a number of different appliance options which allow companies the ability to block the various web based threats in existence. The problem that this type of solution has is that it does require constant tweaking of the filtering and analysis settings as well as someone to constantly keep an eye on current events as zero-day attacks become more prominent.
Advancements in technology over the past decade have created a tremendous amount of opportunity for the savvy businessperson. Whether it’s mobility, streamlined processes, marketing, or the ability to sell to a global market, there’s never been a better time to be in business. Like anything good, there is always a negative…
According to Consumer Reports’ 2009 State of the Net Survey, cybercriminals have bilked $8 billion from consumers in the past two years, and McAfee warns consumers not to fall victim to the twelve most dangerous online scams that computer users face this holiday season.
Large enterprises rely on software products. And as everything else in large enterprises, the software products are large, complex, cumbersome and nearly unchangeable. This last attribute is better known as vendor lock-in. Software vendors love vendor lock-in.
Despite the fact that CDI has inherent weaknesses, as do all of the prior fraud prevention technologies, it is providing tremendous benefit to many companies, ranging from credit and loan issuers to social networking sites to online retailers. This is especially true when layering it with other effective technologies.
Reading through a Windows security log or any other log can be very difficult and time consuming, so a lot of companies have created their own tools to analyze windows event logs. But before you start going commercial, there is a tool that will get you going without any cost. Against all odds, it’s a tool made by Microsoft!
We are observing an incredible rise in cybercrime. New profiles of attackers arrived in the so-called hacking underground, and the hacking world – sometimes – is meeting with organized crime and State-sponsored attacks. The world is changing and, basically, the keyword is the information. In today’s world Information is the Power that’s the sole reason why all of this is happening.
The fourth guide in our ‘Forgotten Security’ series, Forgotten Security: Keeping up to date, is targeted at IT teams, encouraging them to take another look at their procedures, ensuring that they cover both software and equipment. A fully updated system is protected against the latest threats.
The 2009 ITRC Breach Report had captured numerous healthcare data breaches since the September 23rd effective date for the HITECH Act. So, I’m perplexed as to why there aren’t any data breaches over 500 individuals yet listed by HHS. Surprisingly, there is nothing there.
Symantec isn’t the only company to forecast improved enterprise IT spending based on quarterly results in the past few weeks; executives at EMC, IBM, and Intel all spoke positively about IT budgets rebounding in the coming months.
In terms of speed, Retina performed much faster. In terms of scan depth, Nessus has a small advantage, since it includes a web mirroring tool that is very helpful in HTTP. In a direct comparison, Nessus wins simply because Retina manifested erroneous results on repeat scans.
Criminals set up fake websites and then go through the same process legitimate eTailers do in regards to search engine optimization, search engine marketing and online advertising via adwords. They use key words to boost their rankings on Internet searches to show up along side legitimate sites. These same processes are also being used to infect unsuspecting users with malware. Here are ten tips for secure online shopping.
Hackers are spreading their operational bases further around the world, according to threat analysis from managed security firm, Network Box. Not only should we all be wary about what links we click on in emails, social networking sites and IM, but we should examine what data we put online.
In recent years, the number of reported data breaches at healthcare organizations has soared, despite laws requiring the groups to protect patient information. In May, a hacker stole more than 500,000 patient records from a state-run database that tracks drug prescriptions in Virginia — and then demanded a ransom to return the information.In recent years, the number of reported data breaches at healthcare organizations has... more
I’ve joined forces with the Identity Theft Resource Center to expand the pool of knowledge about identity theft issues. As nationally recognized experts in this crime, we have come up with ten predictions for what the nation can expect in the area of identity theft in 2010 and beyond.
An important consideration with information security incidents is identifying if personally identifiable information - PII - is involved. If it is, then the privacy breach response team needs to be put into action to determine whether or not an actual privacy breach occurred. I’m always interested in hearing the challenges and unique situations they run across as they not only create their plans, but also for how they execute them. Here are three of these situations, often overlooked and not planned for, but experienced by organizations.
With criminal money laundering law enforcement can trace events from the crime to the money. However, terrorist methodology uses money to fund an activity which has not yet taken place. Enforcement efforts are placed on stopping the crime before it occurs. The challenges are at opposite ends of the spectrum.
WireHead SecurityTM, an information security services firm providing customers with solutions to strengthen internal security and risk management, today announced a partnership agreement with the North Carolina Independent Colleges and Universities (NCICU), under which member institutions can take advantage of discounted service pricing. NCICU is comprised of North Carolina’s 36 private, non-profit liberal arts, comprehensive, and research colleges and universities accredited by the Southern Association of Colleges and Schools.
Anti-jihadi hactivist The Jester (th3j35t3r), the self-proclaimed Nicest Hacker in the World, has returned for part two of our conversation concerning his campaign of intermittent disruption of militant pro-jihad websites. Part one, Q&A With anti-Jihadi Hacker The Jester, elicited both ire and accolades for the cyber-vigilante in nearly equal volume, revealing just how polarizing the issues surrounding ownership, permissions and access have become in this age of information.
People who generally have to much time on their hands read my posts. Or they simply enjoy my train wreck world view. Anyway there are some fantastic resources that I draw from that help me to break down the complicated issues revolving around how to keep the bad guy from draining your bank account. The following make me look good (not to insult them):
