Security Awareness

37d5f81e2277051bc17116221040d51c

Social Media Sticky Situations

March 15, 2010 Added by:Robert Siciliano

Maybe you’re a Mom or a Dad, a Student or a Grad. No matter what you are, you have a reputation to protect. How we are viewed in society matters to most people. Being viewed as someone who is respectable, responsible, someone who has integrity and is generally a decent person is what most people strive for.

Comments  (0)

6d117b57d55f63febe392e40a478011f

Hacker Releases Second Video of Enhanced XerXeS DoS Attack on Apache Vulnerability

March 11, 2010 Added by:Anthony M. Freed

Infosec Island has once again gained exclusive access to a video demonstration of the XerXeS DoS. This new video shows a little more of the XerXeS dashboard, and reveals even more about the attack technique – watch the text box on the left as Jester mentions “Apache” for the first time outside of our private conversations.

Comments  (15)

2ae549cf604c064a34019c7bd4a81e24

Newbie introduction to digital forensics Part 1.

March 08, 2010 Added by:Juan Granados

The economic and business challenges of the last year have forced changes to business priorities in many areas. For IT, increased scrutiny was placed on data leakage and security. When times are good, businesses can become distracted with new products and technologies. It is not until budgets are cut that the focus moves inward.

Comments  (1)

Ba5964a1284ac16d4277991e7225699c

Trust but verify...

March 08, 2010 Added by:Jason Remillard

Very interestingly enough, in the past five or six days we have been detecting ad networks including Google Adsense, Adultadwords, and Adbrite allowing malware-laden ads on their networks.  We are not the only ones who have identified this issue, check out the following links for more information about them:

Comments  (1)

E4b33dbe234685965beb3e9f2a0ad456

Google, Adobe, and Big Oil Attack Commonalities

March 07, 2010 Added by:Ted LeRoy

The work of protecting information is becoming more difficult with time.  The recently discovered attacks on Google, Adobe, Marathon Oil, ExxonMobil, and ConocoPhillips illustrate an alarming trend.  The attacks even gave rise to a new attack model, the Advanced Persistent Threat (APT).

Comments  (0)

0f48ebb4a6ca02dbf5141affdbfa6898

Security Consciousness Raising

February 06, 2010 Added by:Bill Wildprett, CISSP, CISA

I’ve been thinking about Security Awareness and different ways of teaching it as a mindset.  We infosec folks think about it all the time, cultivating it as part of our general focus on situational awareness; the general public, corporate and government leaders, SMBs – not as much, perhaps.

Comments  (1)

D5e39323dd0a7b8534af8a5043a05da2

So, you wanna network online too?

December 30, 2009 Added by:Fred Williams

I previously listed ways to gain valuable information on hacking targets using little work and no dumpster diving. The previous post was geared towards attacks computer systems but not human targets.What is a little more interesting is attacking specific people. This is one of the key issues behind Facebook' recent privacy issues. Never mind a user setting a "privacy filter" ...

Comments  (2)

D5e39323dd0a7b8534af8a5043a05da2

So, you wanna post some personal data on the Internet?

December 26, 2009 Added by:Fred Williams

I've been reading the book Hacking the Next Generation by Dhanjani, Rios and Hardin and that got me to thinking.... The authors explain in the chapter "Intelligence gathering" that in order to execute a successful attack against a target, the attacker must gain as much intelligence about the target as possible.

Comments  (0)

8d04c13e080ecc73656118e7650fbb4c

Facebook's New “Transition” Tool and Privacy

December 11, 2009 Added by:Todd Zebert

12/9/09 Facebook launched “new privacy settings and tools to give you greater control over the information you share on Facebook”. For many users this may be their first exposure to Facebook privacy settings, and while it’s better than nothing, it can be improved greatly.

Comments  (0)

0f48ebb4a6ca02dbf5141affdbfa6898

Growth as a Process

December 09, 2009 Added by:Bill Wildprett, CISSP, CISA

It’s a great time to be a security professional, always so much to keep learning and to do!  I’ve been working on personal and professional growth, looking for ways to define myself as a consultant and differentiate myself from the ‘Big Guys’.

Comments  (0)

8d04c13e080ecc73656118e7650fbb4c

Facebook Application and Content Creation Privacy

December 04, 2009 Added by:Todd Zebert

While Take Control of your Facebook Security & Privacy Settings (part 1 of this series) provided an overview of Application Privacy, this is a deeper dive and explains how Built-in Apps control some basic functions and default security of Facebook. This is the third in a series, the previous being Facebook Privacy using Friend Lists.

Comments  (1)

8d04c13e080ecc73656118e7650fbb4c

Facebook Privacy using Friend Lists

December 04, 2009 Added by:Todd Zebert

While Facebook’s Privacy settings are a powerful method of controlling who sees what kind of information about you, unless you create and maintain Friend Lists, you are effectively limited to all Friends seeing everything.

Comments  (1)

0f48ebb4a6ca02dbf5141affdbfa6898

Adding new blades to your personal Swiss Army Knife

December 04, 2009 Added by:Bill Wildprett, CISSP, CISA

Friends of mine had been recommending I learn more about IT auditing, to gain a better perspective on how controls are applied, and why.  To that end, I took a three-day Certified Information Systems Auditor (CISA) training course from CertTest in early November.

Comments  (0)

14a516a8718c6b0a09598ac4f2777124

Why Infosec Languishes, Part II

October 28, 2009 Added by:Jim Anderson

Although external forces including economic downturn and market specific slowdowns do have their impact, these external forces alone often cannot explain why information security makes so little progress.   This phenomenon is often true even in situations where senior infosec leadership is experienced, holds multiple certifications, and otherwise commands an excellent grasp of the multip...

Comments  (0)

39b6d5c1d3c6db11155b975f1b08059f

Anti-Social Networking Sites: Part 2

October 09, 2009 Added by:Ron Lepofsky

Since the last blog there has been a steady stream of news about more security threats originating at web sites, particularly from social networking sites.  Profit motive appears to be the primary intent of the threats.  The methodology is committing identity theft for profit.   Below are a sample of four  web based news articles to which I refer:

Comments  (0)

39b6d5c1d3c6db11155b975f1b08059f

Anti-Social Networking Sites

October 09, 2009 Added by:Ron Lepofsky

Over the last two weeks security news reports identify social networking sites as distribution points for malware of all sorts and flavours and as botnets for distributing more of the same.  In addition, site users seem enthusiastic to reveal personal information to those who would gladly accept the information for purposes of identity theft

Comments  (1)

Page « < 53 - 54 - 55 - 56 - 57 > »