Recent Posts Tagged With 'hacking'

• Security Tip: Patching must include ALL applications

  Posted on Tuesday October 6th, 2009 at 07:14 in hacking, patching, intrusion, cybercrime

  Once again, patching isn’t just about plugging holes in Windows.  Most if not all applications have security vulnerabilities if someone looks hard enough.  Up until now, however, finding those vulnerabilities was harder than just whacking the OS....

• For Software Downloads, Go Directly to the Source

  Posted on Friday October 2nd, 2009 at 10:54 in google, search engine, hacking, beta, cybercrime

  Search engine results for download sites offering hard to get or difficult to find popular software are increasingly used by attackers to ply their insidious craft.  Users looking for an easy way to circumvent vendor constraints or to find popular f...

• Security Tip: It isn’t just about social security numbers anymore

  Posted on Friday October 2nd, 2009 at 09:19 in Privacy, hacking, data security, breach, cybercrime, access controls

  A recent breach of a PayChoice Inc. server is evidence that organizations must provide overall controls, not just those targeting popular attack vectors.  Chris Wysopal, chief technology officer at application security vendor Veracode Inc., said the...

• One-Time Passwords are Not Foolproof

  Posted on Friday September 18th, 2009 at 09:47 in vista, risk, malware, hacking, access control, breach, windows 7, cybercrime, password management, access controls, one-time passwords

  Many of us started using one-time password devices some time ago.  They typically take the form of “footballs” or smartcards and generate a random—or pseudorandom—string used only as a password for one session login.  This was considered to...

• Hardware Hacking Defense: Can you say physical security?

  Posted on Wednesday August 5th, 2009 at 11:30 in apple, Security, hacking, data security, cybercrime, security management, physical security, access controls, keystroke logging

  I’ve been sort of stuck in the land of physical security lately.  The reason I can’t seem to extricate my brain relates to the dismal facility security many organizations employ.  It’s the lack of good physical security, including employee re...

• AVSIM: Real world example of the value of offsite backups

  Posted on Monday May 18th, 2009 at 08:00 in Security, hacking, disaster recovery, backup, business continuity, intrusion, cybercrime, threat modeling

  Server redundancy is not enough protection against many business continuity events....

• .NET-Sploit ‘rootkit’: Easy to install, hard to defend against

  Posted on Friday April 17th, 2009 at 13:57 in malware, .net, hacking, black hat, cybercrime

  Microsoft's .NET framework apparently contains a weakness which allows a rootkit-like malware infection, difficult to prevent and detect. ...

• Conficker: Unpreparedness was the problem, not the messenger

  Posted on Friday April 3rd, 2009 at 11:22 in risk, malware, hacking, risk management, cybercrime, threat modeling, conficker, attack tree

  As usual, finger-pointing about what is beginning to be seen as Conficker FUD is increasing. Understandably, the media is taking the brunt. Understandably, but not necessarily appropriate. ...

• Compliance requires people supported technical solutions

  Posted on Saturday March 28th, 2009 at 11:19 in Security, risk, hacking, risk management, data security, breach, business continuity, intrusion, cybercrime, extrusion, threat modeling

  Relying completely on technology to safeguard information assets is a poor business decision....

• You Just Have to Run Faster than the Bear

  Posted on Monday March 23rd, 2009 at 09:49 in Security, Privacy, smb, hacking, risk management, hipaa, data security, breach, business continuity, intrusion, cybercrime, pii

  Today's cybercriminals look for softer targets as ROI increasingly drives cybercrime. SMBs are next in their sights....

• Examining the SMM Hack and Pondering Intel’s Apathy

  Posted on Friday March 20th, 2009 at 13:19 in Security, hacking, smm, Intel, exploit, rootkit, cybercrime, rutkowska, smram, wojtczuk

  SMM rootkit vulnerabilities are reasonably troublesome, not new, and apparently marginalized by Intel....