tagged w/ enetrprise mobility
-
-
-
The sheer volume of potential targets coupled with the vast amounts of money to be made has captured the attention of the global criminal hacking community. Enterprise networks are becoming hardened and they are still vulnerable. We are fragmented and all over the place with an incredible array of interdependent technologies that are set up with convenience in mind and security second…
http://information-security-resources.com/2010/02/18/the-dismal-state-of-information-security/The sheer volume of potential targets coupled with the vast amounts of money to be... more
-
-
MicroSolved, Inc. (MSI) has developed the 80/20 Rule of Information Security that proposes the concept that 80% of an organizations’ real information security comes from only 20% of the assets and effort put into the program. These 13 security projects will give your organization the most effective information security coverage for the least expenditure of time and resources. These projects, once completed, should allow CIO’s to create an effective, efficient, and standards-based approach to information security…
http://information-security-resources.com/2010/02/17/the-8020-rule-for-information-security/MicroSolved, Inc. (MSI) has developed the 80/20 Rule of Information Security that... more
-
-
Infosec Island, the new community for IT and information security professionals, today announced that its new enhanced authentication service based on the SyferLock™ GridGuard™ solution, is now live. Deploying this technology provides Infosec Island members with the option to login with a very high level of security for confidential business, personal or security-related communications. SyferLock’s GridOne authentication is available on Infosec Island to all registered members, and membership is free.
http://information-security-resources.com/2010/02/16/syferlock-gridguard-live-on-infosec-island/Infosec Island, the new community for IT and information security professionals, today... more
-
-
Similar to security assessments, network architecture designs and other projects, a development project, such as this one involves the exchange of confidential data, including in this case, intellectual property designs, requirements documents, test plans, code fragments and road maps. We could have chose to exchange these documents over email, or printed them out and sent them next day parcel post. Instead, we ate our own dogfood and utilized IslandPKI encrypted document and message transfer…
http://information-security-resources.com/2010/02/16/how-a-security-company-applies-security/Similar to security assessments, network architecture designs and other projects, a... more
-
-
So, if my PC is compromised because I don’t have adequate security and $800,000 goes missing from my account, whose fault is it? At first glance some may say the victims, others may say the banks. The fact that there are so many ways passwords can be compromised and accounts can be taken over, and banks know this, it should motivate banks to have redundant security in place. Hacks like this undermine people’s confidence in the system.
http://information-security-resources.com/2010/02/14/banks-fail-to-provide-effective-online-security/So, if my PC is compromised because I don’t have adequate security and $800,000... more
-
-
SQL injections have evolved in their purpose and sophistication. Originally meant as a tool to attack a merchant’s database and steal data. The attack was reconfigured last summer to install viruses on users’ computers that contain a remote control component. The bad guys are going after high-profile, high-volume websites, instead of going after the smaller websites, which are easier to inject code into…
http://information-security-resources.com/2010/02/09/targeted-sequel-injection-attacks-on-the-rise/SQL injections have evolved in their purpose and sophistication. Originally meant as a... more
-
-
Police believe they may have uncovered an international ATM “skimming” ring responsible for stealing money from hundreds of local accounts. It was not too long ago that I bought an ATM north of Boston from a dude named Bob at a bar and rolled it through the streets of Boston nabbing unsuspecting users who entered their debit cards and PINS. I performed this crazy stunt to demonstrate how easy it is and how vulnerable we are.
http://information-security-resources.com/2010/02/07/police-make-arrests-in-atm-skimming-ring/Police believe they may have uncovered an international ATM “skimming”... more
-
-
WireHead SecurityTM, an information security services firm providing customers with solutions to strengthen internal security and risk management, today announced a partnership agreement with the North Carolina Independent Colleges and Universities (NCICU), under which member institutions can take advantage of discounted service pricing. NCICU is comprised of North Carolina’s 36 private, non-profit liberal arts, comprehensive, and research colleges and universities accredited by the Southern Association of Colleges and Schools.
http://information-security-resources.com/2010/02/02/wirehead-security-partners-with-ncicu/WireHead SecurityTM, an information security services firm providing customers with... more
-
-
Scammers will say and do anything to get a person to part with their money. At first they had a sob story that sounded like a legitimate issue, new housing, can’t have a pet. When posted in a classified ad, it looks legitimate. Then they involved a “shipping company” that was a front for the scam. Once the victims were asked to send money via Western Union, that should have been a red-flag.
http://information-security-resources.com/2010/02/01/pet-lovers-are-target-of-latest-online-scams/Scammers will say and do anything to get a person to part with their money. At first... more
-
-
Are you embracing the collaboration phenomenon that has been storming, complete with thunder, lightning and rain over the past few years? Or have you been hiding under an umbrella to avoid this social media storm? Yes, we are all interconnected, whether we want to be, are expected to be, or prefer not to be. We are, as they say in poker, all in, as collaboration is here to stay ― and it’s driven by technology…
http://information-security-resources.com/2010/01/27/technology-drives-new-age-of-collaboration/Are you embracing the collaboration phenomenon that has been storming, complete with... more
-
-
We are observing an incredible rise in cybercrime. New profiles of attackers arrived in the so-called hacking underground, and the hacking world – sometimes – is meeting with organized crime and State-sponsored attacks. The world is changing and, basically, the keyword is the information. In today’s world Information is the Power that’s the sole reason why all of this is happening.
http://information-security-resources.com/2010/01/25/un-crime-justice-institute-fights-hackers/We are observing an incredible rise in cybercrime. New profiles of attackers arrived... more
-
-
Advancements in technology over the past decade have created a tremendous amount of opportunity for the savvy businessperson. Whether it’s mobility, streamlined processes, marketing, or the ability to sell to a global market, there’s never been a better time to be in business. Like anything good, there is always a negative…
http://information-security-resources.com/2010/01/24/enterprise-identity-theft-risks-for-2010/Advancements in technology over the past decade have created a tremendous amount of... more
-
-
It came as a surprise to me when I went to log into my FriendFeed account to make an adjustment and I discovered I was logged into someone-else’s account. I had FULL access. I was able to access the full dashboard and change the picture, email associated and add or delete feeds. My first thoughts were that I have spyware and someone is able to remotely access my machine and use it as their own. I did a full system scan and there is nothing on my machine. There is no other strange activity going on so I’ve narrowed the issue down to this one account…
http://information-security-resources.com/2010/01/21/social-networks-logging-into-wrong-account/It came as a surprise to me when I went to log into my FriendFeed account to make an... more
-
-
One recent example is a Massachusetts man who has been accused of posing as a Secret Service agent in order to enter the U.S. Department of Health and Human Services and pleaded guilty to disorderly conduct, trespassing, and impersonating a public official after attempting to enter a U2 concert without a ticket by impersonating a police officer…
http://information-security-resources.com/2010/01/19/imposters-employ-casual-social-engineering/One recent example is a Massachusetts man who has been accused of posing as a Secret... more
-
-
Infosec IslandTM, the new online community designed especially for IT and network professionals who manage information security, risk and compliance issues, today acquired Information-Security-Resources.com, one of the leading online news portals addressing security issues. ISR brings a number of high profile authors to Infosec Island, who will regularly offer their rich experience and broad set of security expertise for the benefit of the community. The combination of the two communities also allows for Infosec Island’s free and premium tools to be made available to ISR’s international audience – adding further value to their existing readership.
http://information-security-resources.com/2010/01/18/infosecislandcom-network-acquires-isr/Infosec IslandTM, the new online community designed especially for IT and network... more
-
-
-
While similar to a confidence trick or simple fraud, Social Engineering typically applies to trickery or deception for the purpose of information gathering, fraud, or computer system access; in most cases the attacker never comes face-to-face with the victim. But in many cases the attacker certainly does come in contact with the victim. You may be doing all you can and should to protect yourself from hackers and scammers. But a response to a simple email that looks exactly like your expected monthly bank e-statement can completely drain your bank account.
http://information-security-resources.com/2010/01/14/how-to-recognize-social-engineering-scams/While similar to a confidence trick or simple fraud, Social Engineering typically... more
-
-
Ethical hackers are the tech industries white nights, also known as white hat hackers. Steve Stasiukonis from Secure Network Technologies is such a person, hired by by companies CIO’s to penetrate an organizations network to determine where its vulnerabilities are. The process of a white hat starts with a permission based hack that often leads to results that make the CIO nauseous. In Dark Reading Steve writes about how he did it with a fake badge and a Facebook profile…
http://information-security-resources.com/2010/01/12/hacking-a-corporate-network-with-facebook/Ethical hackers are the tech industries white nights, also known as white hat hackers.... more
-
