A collection of articles and posts pulled from some of our favorite bloggers across the Internet.

Do you have an IT/Infosec Security blog that we can display here? Suggest a Link, otherwise Contact Us about getting blogging rights here on the Island!

Latest From the Web


From the Web

Taken to the Cleaners

January 20, 2010 from: Office of Inadequate Security

Earlier this month, CSO reported on a worldwide recall on several hardware-encrypted USB sticks from multiple vendors because they contain a flaw which could allow hackers to easily gain access to the sensitive information contained on the device. With the quality of security questionable in many USB drives, it would stand to reason that losing any stick carrying sensitive information now carries ...

Comments  (0)


From the Web

Security researcher IDs China link in Google hack

January 20, 2010 from: Office of Inadequate Security

The malicious software used to steal information from companies such as Google contains code that links it to China, a security researcher said Tuesday. After examining the back-door Hydraq Trojan used in the hack, SecureWorks researcher Joe Stewart found that it used an unusual algorithm to check for data corruption when it transmits information. The source code for this algorithm, “only se...

Comments  (0)


From the Web

Wait, Google - I Thought You Were Evil!

January 12, 2010 from: Rsnake's blog at ha.ckers.org

News is fast hitting about Chinese hacks against Adobe and Google. Very interesting stuff. But beyond the hacks themselves - in Google’s case targeting Chinese political dissidents - is this interesting news:

Comments  (0)


From the Web

Seven Technical Security Myths of the Cloud

January 11, 2010 from: AEON Security Blog

CloudSecurity.org [1] staff wrote a document called “Assessing the Security Benefits of Cloud Computing” [2] and within the article they listed the “Seven Technical Security Benefits of the Cloud.” The article was well written and intentioned however, I decided to place a realistic view on the CloudSecurity’s content and in turn I present the “Seven Technical Se...

Comments  (1)


From the Web

Hacking Takes Lead as Top Cause of Data Breaches

January 09, 2010 from: Office of Inadequate Security

Hacking has topped human error as the top cause of reported data breaches for the first time since such tracking began in 2007, according to the Identity Theft Resource Center’s 2009 Breach Report.In its report, titled “Data Breaches: The Insanity Continues,” the non-profit ITRC found that 19.5 percent of reported breaches were due to hacking, with insider theft as th...

Comments  (0)


From the Web

All Your Clouds Are Belong to… Not You

January 08, 2010 from: AEON Security Blog

After reading ENISA’s “Benefits, risks and recommendations for information security” [1], I am convinced even more so now than I ever was before, against the cloud. For those unaware of the acronym, ENISA stands for European Network and Information Security Agency. It can be viewed as Europe’s version of the USA’s NIST. Their document is 125 pages, with 71 pages encom...

Comments  (0)


From the Web

Heartland in $60 mln settlement agreement with Visa

January 08, 2010 from: Office of Inadequate Security

Heartland Payment Systems Inc (HPY.N) said it reached a $60 million settlement agreement with Visa Inc (V.N), under which it will pay issuers of Visa-branded credit and debit cards for data security breach claims.

Comments  (0)


From the Web

Heartland breach shows why compliance is not enough

January 06, 2010 from: Office of Inadequate Security

The [Heartland] intrusion led to the “stark realization that passing a PCI security audit does not make a company secure,” said Avivah Litan, an analyst at research firm Gartner Inc. “This was known well before the breach, but Heartland served as a big pail of ice water thrown on the face of companies complying with PCI,” she said.

Comments  (0)


From the Web

Pssst… For A Cup of Coffee, I’ll Say Your Cloud Is Secure

January 05, 2010 from: AEON Security Blog

In an article entitled “Cloud computing is a trap, warns GNU founder Richard Stallman” [1] the context couldn’t have been worded better:“It’s stupidity. It’s worse than stupidity: it’s a marketing hype campaign” … “Somebody is saying this is inevitable – and whenever you hear somebody saying that, it’s very likely...

Comments  (0)


From the Web

Looking back on 2009

January 03, 2010 from: Office of Inadequate Security

The breach of Heartland Payment Systems grabbed the headlines for much of the year and the entire population of Belize had their birth details stolen when a government employee left a laptop in a car, but what else went on?

Comments  (0)


From the Web

Cybercrooks stalk small businesses that bank online

January 03, 2010 from: Office of Inadequate Security

A rising swarm of cyber-robberies targeting small firms, local governments, school districts, churches and non-profits has prompted an extraordinary warning. The American Bankers Association and the FBI are advising small and midsize businesses that conduct financial transactions over the Internet to dedicate a separate PC used exclusively for online banking.

Comments  (0)


From the Web

Internet trading site collective2.com hacked

December 30, 2009 from: Office of Inadequate Security

Users of the do-it-yourself trading site collective2.com received an “urgent” e-mail at a few minutes past noon Wednesday notifying them that the company’s computer database had been breached by a hacker and that all users should log in to change their passwords immediately.

Comments  (1)


From the Web

Cloud Security: Want Some Fake Fries With That Vapor Shake?

December 30, 2009 from: AEON Security Blog

Recently I stumbled upon the Cloud Security Alliance’s “Security Guidance for Critical Areas of Focus in Cloud Computing V2.1” [1] and took a quick step back at this statement: Cloud computing is about gracefully losing control while maintaining accountability even if the operational responsibility falls upon one or more third parties. In being fair and logical about my interpret...

Comments  (1)


From the Web

Code That Protects Most Cellphone Calls Is Divulged

December 28, 2009 from: Office of Inadequate Security

A German computer engineer said Monday that he had deciphered and published the secret code used to encrypt most of the world’s digital mobile phone calls, in what he called an attempt to expose weaknesses in the security of the world’s wireless systems.

Comments  (0)


From the Web

Heartland to pay up to $2.4 million to settle cardholder class action suit

December 21, 2009 from: Office of Inadequate Security

Under the terms of the settlement, Heartland says it will pay a minimum of $1 million and up to a maximum of $2.4 million to class members who submit valid claims for losses as a result of the intrusion.

Comments  (0)


From the Web

Hacking the US Government Is Cheap – Costwise

December 21, 2009 from: AEON Security Blog

Anyone who follows information security news is probably wondering this week: “What in the hell is up with security in this country”. At least for those of us living in the United States, this should of been the statement of choice.

Comments  (1)


« First < Previous  | 3 - 4 - 5 - 6 - 7 |   Next > Last »