tagged w/ electronic database
-
The Lone Ranger was one of my favorite shows growing up. With his trusty side kick Tonto, he would always appear just in time to foil the bad guys and leave everyone wondering..."who is that masked man?" Was it really that hard to determine his identity?
Many people today ride into Facebook, MySpace, Linkedin, and other social network sites with their masks on, expecting privacy and anonymity. But how hard is it to find them?
https://www.infosecisland.com/blogview/3376-The-limits-of-social-network-privacy.htmlThe Lone Ranger was one of my favorite shows growing up. With his trusty side kick... more
-
-
-
Cisco’s existing product lines offer a number of different appliance options which allow companies the ability to block the various web based threats in existence. The problem that this type of solution has is that it does require constant tweaking of the filtering and analysis settings as well as someone to constantly keep an eye on current events as zero-day attacks become more prominent.
http://information-security-resources.com/2010/01/31/web-security-from-a-new-perspective/Cisco’s existing product lines offer a number of different appliance options... more
-
-
-
Advancements in technology over the past decade have created a tremendous amount of opportunity for the savvy businessperson. Whether it’s mobility, streamlined processes, marketing, or the ability to sell to a global market, there’s never been a better time to be in business. Like anything good, there is always a negative…
http://information-security-resources.com/2010/01/24/enterprise-identity-theft-risks-for-2010/Advancements in technology over the past decade have created a tremendous amount of... more
-
-
The publishers of Infosec Island are now enrolling experienced network security professionals to become Island Bloggers and Forum Moderators. Register and complete your profile, and you will be eligible to win one of over $10,000 in products and services.
Actively blogging for a quality outfit like Infosec Island has benefits for professional who want to bring attention to their expertise and the solutions they bring to market to mitigate threats, and can bring much needed business in this rough economy.
https://www.infosecisland.com/blogview/3184-Security-Bloggers-Wanted-Get-Noticed-Get-Hired-in-2010.html
Simply register, complete the short profile and upload your picture or avatar, then apply for blogging privileges.
Be sure to complete your profile so you are eligible to win one of over $10k in prizes in our Q1 membership drive, and feel free to contact me through the Island in-mail, or directly at AFreed@WireHeadSecurity.com for more details.
* Grand Prize - a FREE core server license, including maintenance, of the Grid Data Security's Enhanced Authentication Solution from SyferLock™. This prize has a value of up to $10,000.
* Second Prize - The member winning second prize will receive two myKryptofon security software products from I.D. Rank Security.
* Third Prize - Two third prize winners will receive an EncryptStick™ software application download from Onix International Inc.
Write on!The publishers of Infosec Island are now enrolling experienced network security... more
-
-
"There is an UNEQUAL amount of good and bad in most things, the trick is to work out the ratio and act accordingly…" The Jester
Infosec Island has once again gained exclusive access to a video demonstration of the XerXeS DoS attack recently developed by the infamous patriot-hacker known only as The Jester (th3j35t3r).
This new video shows a little more of the XerXeS dashboard, and reveals even more about the attack technique – watch the text box on the left as Jester mentions “Apache” for the first time outside of our private conversations...
https://www.infosecisland.com/blogview/3258-Hacker-Releases-Second-Video-of-Enhanced-XerXeS-DoS-Attack-on-Apache-Vulnerability-.html"There is an UNEQUAL amount of good and bad in most things, the trick is to work... more
-
-
The flaw lies in the management memory level (Virtual Machine Monitor). By leveraging this vulnerability it is possible to bypass security mechanisms of the operating system such as Data Execution Prevention (DEP), Safe Structured Error Handling (SafeSEH) and Address Space Layout Randomization (ASLR) designed to prevent exploitation of security bugs in applications running on Windows operation systems...
https://www.infosecisland.com/blogview/3352-7-Month-Vulnerability-in-Windows-Virtual-PC.htmlThe flaw lies in the management memory level (Virtual Machine Monitor). By leveraging... more
-
-
-
Analyzing an incident when the manufacturer claims that it’s an operator error and the operator claims that it is an application error is one of the most daunting tasks of a security officer. And this is a type of incident that the security officer will be called upon to investigate simply because the management needs an independent observer and has doubts both in the operator as well as the manufacturer. Here is what to do when thrown into the fire…Analyzing an incident when the manufacturer claims that it’s an operator error... more
-
-
Companies buy these so called certified products thinking they have the magic bullet to solve their ITIL project, and they’ll skip the hard part, which is designing the processes for their organization.
So instead of a magic bullet they’ll just shoot themselves in the foot with a real bullet.
ITIL isn’t about specific products but instead about putting in processes that bring efficiency to the organization.Companies buy these so called certified products thinking they have the magic bullet... more
-
-
-
-
SQL injections have evolved in their purpose and sophistication. Originally meant as a tool to attack a merchant’s database and steal data. The attack was reconfigured last summer to install viruses on users’ computers that contain a remote control component. The bad guys are going after high-profile, high-volume websites, instead of going after the smaller websites, which are easier to inject code into…
http://information-security-resources.com/2010/02/09/targeted-sequel-injection-attacks-on-the-rise/SQL injections have evolved in their purpose and sophistication. Originally meant as a... more
-
-
The number and types of external threats to a network are growing exponentially, and unless a company has a dedicated and highly specialized team devoted to network security, it’s hard to keep up with the rapidly changing threat landscape. After all, the threats of the Internet are the same for every company regardless of its size.
http://information-security-resources.com/2010/01/26/consider-outsourcing-your-network-security/The number and types of external threats to a network are growing exponentially, and... more
-
-
-
Reading through a Windows security log or any other log can be very difficult and time consuming, so a lot of companies have created their own tools to analyze windows event logs. But before you start going commercial, there is a tool that will get you going without any cost. Against all odds, it’s a tool made by Microsoft!
http://information-security-resources.com/2009/11/19/windows-security-logs-and-ms-log-parser/Reading through a Windows security log or any other log can be very difficult and time... more
-
-
Ever forge your husband’s signature? Wife’s? Parent’s? Client’s? Do you think the clerk behind the counter at Walmart is skilled in handwriting analysis? The fact is, a handwritten signature provides zero proactive security. If someone signs your name to a check, and you call the bank and say it wasn’t you, they look at the signature and determine whether it’s yours or not. From there they assign liability. That’s dumb.
http://information-security-resources.com/2009/12/09/signature-authorization-is-stupid-security/Ever forge your husband’s signature? Wife’s? Parent’s?... more
-
-
Radisson Hotels & Resorts has posted an open letter to its guests, informing them of a recent data breach but offering little additional information. The data that was accessed includes guests’ names and their credit card or debit card number and expiration date.Radisson Hotels & Resorts has posted an open letter to its guests, informing them... more
-
-
