-
51.Washington Post Launches Top Secret America (www.infosecisland.com)
So let me ask the Islanders some questions: Do you think this is responsible reporting? Is it right to publish the locations of the nation's secrets to the world? If you're outside of the US, how would you feel about this in your country?
-
52.Compliance - Don't Be a Box Checker (www.infosecisland.com)
Whether the data represents your personal health records, your financial statements or your latest credit card bill, the goal is the same. The guardians of that data have legal, ethical, moral and some would say religious obligations to protect that data...
-
53.Weaponizing the Nokia N900 - Part 1 (www.infosecisland.com)
From a surveillance aspect, think of bad people with n900s in their pockets running Asterisk servers on their phones and connecting to each other point-to-point over encrypted tunnels - now that's a challenge...
-
54.Default, Blank and Weak Username/Passwords (www.infosecisland.com)
Application Security, Inc.’s Team SHATTER has researched the Top 10 Database Vulnerabilities in order to provide you with the most up-to-date vulnerabilities, risk and remediation information. Today’s topic is Default, Blank & Weak Username/Passwords...
-
55.A Contractor Solution for Cyber Warriors (www.infosecisland.com)
The bottom line is that the Federal Government needs highly qualified cyberwarriors in order to protect the welfare of the nation. When one compares this specialized need, the best choice is contractor provided employees...
-
56.Hacking Layer 8 - Wetware (www.infosecisland.com)
One can certainly see this train wreck coming with the potential for company names to be plastered all over the Internet with the embarrassing results of their social engineering-induced data leakage...
-
57.Internet Threat Monitoring Environments (www.infosecisland.com)
HITME is a set of deployed HoneyPoints that gather real time attacker data from around the Internet including attack sources, frequency, targeting information, vulnerability patterns, exploits, malware and other crucial event data for the technical team to analyze...
-
58.Petabytes On the Cheap (www.infosecisland.com)
It turns out you can create a single chassis that contains around 67 terabytes in it for $7,867. That’s pretty incredible...It almost doesn’t make any cost sense to outsource your storage to the cloud with those cost savings.
-
59.Four key benefits of ISO 27001 implementation (www.infosecisland.com)
Have you ever tried to convince your management to fund the implementation of information security? If you have, you probably know how it feels - they will ask you how much it costs, and if it sounds too expensive they will say no...
-
60.Some Possible Insights into Geo-Economics of Security (www.infosecisland.com)
Buying a certificate to allow for transport security is a good idea if you’re worried about man in the middle attacks. But when you’re in another country where the cost of running your website is a significant investment compared to the United States, suddenly the fees associated with the risks ...
-
61.The 0Exploit Privilege Escalation (www.infosecisland.com)
Routing only sends the module through the session. Once the payload runs for exploit modules, it's calling straight back to the LHOST attacker box, not through the session. So, you can now exit session 1 NETWORK SERVICE, as it's not really needed any more...
-
62.Essential Trust Analysis (www.infosecisland.com)
In operational trust analysis, you learn to use logic and reason to make a trust decision. It is a new practice developed by ISECOM to explore operational trust in Trusted Computing as part of the EU's Open Trusted Computing (OpenTC) project...
-
63.Wardriving shows Wireless Networks still Wide Open (www.infosecisland.com)
Wardriving usually consists of driving around in a vehicle searching for Wi-Fi Wireless networks using Aircrack-NG, Netstumbler, Kismet or another similar program. A wardrive was performed at a recent computer security class in Texas. The results were stunning...
-
64.Microsoft's Future in the Cloud (www.infosecisland.com)
Vikas Arora, Group Director, Cloud Services, Microsoft India speaks to Rahul Neel Mani on Microsoft's late entry into the cloud platform, how Azure compares with Amazon's products, Microsoft's future in the cloud and other possibilities in cloud computing...
-
65.10 Ways Malicious Code Reaches Your Network (www.infosecisland.com)
This white paper focuses on 10 common ways that malicious code can penetrate a network. Knowledge of these methods and the ability to recognize them are the first steps in preventing them from succeeding in harming your network...
-
66.Threats to Your Information Security (www.infosecisland.com)
Threats to your information and computer security may be closer than you think. This applies to businesses and individuals alike. If you own a company the threat may be as close as your own employees...
-
67.Mitigating Risks of the IT Disaster Recovery Test (www.infosecisland.com)
The IT Disaster Recovery Test as part of the Business Continuity testing is becoming an annual event for most IT departments. It is mandated by a lot of regulators, nearly insisted upon by internal audit and of course a very healthy thing to do...
-
68.Criminal Communication Infrastructure (www.infosecisland.com)
One of the central challenges for cyber-criminals is how to communicate with their customers while also maintaining their anonymity. There are three main types of communication utilized by Bulletproof Hosts (BPHs)...
-
69.Certified Ethical Hacker Courses - Again… (www.infosecisland.com)
The exam is in revision 6 now, and tests a wide range of techniques from reading and analyzing TCP dumps and Snort logs, understanding the OSI model, how to use many of the common exploit tools, recognizing the exploits and their uses, and so on...
-
70.Hotels are Hotspot for Credit Card Fraud (www.infosecisland.com)
According to a recent study, 38% of all credit card breaches occur in hotels. Despite several high profile breaches that recently affected payment processors and banks, the financial services industry only accounts for 19% of breaches...
-
71.NGA Explores Community Cloud with NCOIC (www.infosecisland.com)
Their immediate interest is in developing an open standards based community cloud that would support the 26 NATO, 10 partner and 2 non-NATO/non-partner countries...
-
72.UK Seeks Input on Data Protection Law (www.infosecisland.com)
Asking the public what to do about the data protection – a complex technical issue about which the majority of informed citizens will probably have only a passing knowledge – seems a step too far...
-
73.Flash Camera and Mic Remember Function and XSS (www.infosecisland.com)
Flash’s settings are very often scoped to the domain rather than the app. Although currently allowing Flash access to camera and microphone isn’t all that common, if it ever did become common using XSS would be a pretty interesting tactic...
-
74.User Review of Puppy Linux 5.0 (www.infosecisland.com)
I have really come to love Puppy Linux over the last several years. I use it as a LiveCD/USB platform for secure browsing, a Linux OS for old hardware that I donate to a variety of folks and causes, and as a platform for using HoneyPoint as a scattersensor...
-
75.Vulnerability Disclosures Summarized (www.infosecisland.com)
My solution? Create a standard that we all abide by. I know as hackers we rebel against such things but in the interest of getting better security out there we should really work together on this...