Latest Blog Posts

37d5f81e2277051bc17116221040d51c

Social Media Sticky Situations

March 15, 2010 Added by:Robert Siciliano

Maybe you’re a Mom or a Dad, a Student or a Grad. No matter what you are, you have a reputation to protect. How we are viewed in society matters to most people. Being viewed as someone who is respectable, responsible, someone who has integrity and is generally a decent person is what most people strive for.

Comments  (0)

E4b33dbe234685965beb3e9f2a0ad456

Need to consolidate information security compliance efforts? Try open source.

March 12, 2010 Added by:Ted LeRoy

Many organizations have to comply with multiple regulatory requirements for their information security infrastructures.  Fragmented efforts to comply Sarbanes-Oxley (sarbox or SOX), Gramm Leach Bliley Act (GLBA), Health Insurance Portability and Accountability Act (HIPAA),  Payment Card Industry - Data Security Standard (PCI-DSS), and ISO 27000 series, to name a few, can result in c...

Comments  (0)

6d117b57d55f63febe392e40a478011f

Hacker Releases Second Video of Enhanced XerXeS DoS Attack on Apache Vulnerability

March 11, 2010 Added by:Anthony M. Freed

Infosec Island has once again gained exclusive access to a video demonstration of the XerXeS DoS. This new video shows a little more of the XerXeS dashboard, and reveals even more about the attack technique – watch the text box on the left as Jester mentions “Apache” for the first time outside of our private conversations.

Comments  (15)

2ae549cf604c064a34019c7bd4a81e24

Newbie Introduction to Digital Forensics Part 2

March 08, 2010 Added by:Juan Granados

The information available on the internet can be a blessing and a curse at the same time. The multitude of information can be overwhelming for the newly annointed "Padawan" learner. One thing was clear....Forensic analysis was an art rather than a science. My hope of finding a "Cliff's Notes" version of "Digital Forensics" would prove to be impossible.

Comments  (0)

Ebb72d4bfba370aecb29bc7519c9dac2

Simple Log Review Checklist Released!

March 08, 2010 Added by:Anton Chuvakin

Today, many people are looking for very simple solutions to big and complex problems – and the area of logging and log management is no exception. Following that theme, we have created a "Critical Log Review Checklist for Security Incidents" which is released to the world today.

Comments  (1)

B426b30042abbc15e363cb679bbc937d

Press F1 for Help, pwned.

March 08, 2010 Added by:Daniel Kennedy

Microsoft published security advisory 981169 yesterday in response to the zero day vulnerability reported a few days prior. The vulnerability is in the help system and can be triggered by luring an Internet Explorer user into pressing the F1 key. Windows 2000, Windows XP SP2 & SP3, and Windows 2003 SP2 with Internet Explorer 7 and Internet Explorer 8 are all affected.

Comments  (0)

2ae549cf604c064a34019c7bd4a81e24

Newbie introduction to digital forensics Part 1.

March 08, 2010 Added by:Juan Granados

The economic and business challenges of the last year have forced changes to business priorities in many areas. For IT, increased scrutiny was placed on data leakage and security. When times are good, businesses can become distracted with new products and technologies. It is not until budgets are cut that the focus moves inward.

Comments  (1)

Ba5964a1284ac16d4277991e7225699c

Trust but verify...

March 08, 2010 Added by:Jason Remillard

Very interestingly enough, in the past five or six days we have been detecting ad networks including Google Adsense, Adultadwords, and Adbrite allowing malware-laden ads on their networks.  We are not the only ones who have identified this issue, check out the following links for more information about them:

Comments  (1)

E4b33dbe234685965beb3e9f2a0ad456

Google, Adobe, and Big Oil Attack Commonalities

March 07, 2010 Added by:Ted LeRoy

The work of protecting information is becoming more difficult with time.  The recently discovered attacks on Google, Adobe, Marathon Oil, ExxonMobil, and ConocoPhillips illustrate an alarming trend.  The attacks even gave rise to a new attack model, the Advanced Persistent Threat (APT).

Comments  (0)

B59a51a3c0bf9c5228fde841714f523a

How Twitter spam steals from Google, Yahoo!

March 06, 2010 Added by:Chester Wisniewski

Scammers have been devising ways to ride on someone else's coattails since the dawn of time. With every new technology they find another way to make money from nothing. Today I am going to highlight a method that involves Twitter, Yahoo!, and Google AdSense.

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Security Bloggers Wanted - Get Noticed - Get Hired in 2010!

March 05, 2010 Added by:Infosec Island Admin

The publishers of Infosec Island are now enrolling experienced network security professionals to become Island Bloggers and Forum Moderators. Register and complete your profile, and you will be elligible to win one of over $10,000 in products and services.

Comments  (11)

00fd6160b9db2d91e663a578d87cbaf3

Social Engineering at the White House and Your Enterprise

February 28, 2010 Added by:Wayde York

What does our enterprise information have in common with President Obama and Vice President Biden? The need for constant protection. Your enterprise data needs protection from the host of technical and human threats that seem to evolve daily. The President and Vice President require the same protection, albeit amplified due to their position in the world power scheme.

Comments  (0)

A3e8b5e0becdbfb1b1c706b452b6c388

Road Map for an Application/Software Security Architect (Part 6)

February 26, 2010 Added by:Stephen Primost

So, the application designer has disclosed that the solution for the web services being designed will involve the (1) need to authenticate; (2) need to determine levels of authorization; and (3) [by the way] need to have some personalized data be carried forward to the application. If you, as a the security architect involved in the security assessment process, are smart, you would have a security...

Comments  (0)

Cc5b3987fdda8edb89d6f82eb0d64fed

The first thing about security

February 23, 2010 Added by:_ Comet

My first blog post, Comet's Home Page, is a document that contains settings and freeware that I typically install on my own Windows machines.  The purpose of that page is to serve as a reference, because there are many things that only need to be done once on a new machine, such as installing software or tweaking internet connection limi...

Comments  (2)

6d117b57d55f63febe392e40a478011f

Exclusive Video of XerXeS DoS Attack

February 22, 2010 Added by:Anthony M. Freed

Infosec Island has gained exclusive access to a video demonstration of the XerXeS DoS attack as it is unleashed on the Taliban website www.alemarah.info, and carried out by infamous patriot hacker The Jester (th3j35t3r).

Comments  (10)

D5e39323dd0a7b8534af8a5043a05da2

Thanks for InfoSecIsland.com for an exciting training class.

February 22, 2010 Added by:Fred Williams

I thought I would post a quick blog on my training class information that I won through InfoSecIsland.com.  This proves that real people win contests on this great site.  If you ever get the opportunity to sign up for a contest here, you should do it.

Comments  (3)


« First < Previous | 469 - 470 - 471 - 472 - 473 | Next > Last »