Latest Blog Posts
The Dragon’s Lair?
February 21, 2010 Added by:Bill Wildprett, CISSP, CISA
An excellent article in the N.Y. Times on February 18th stated that two Chinese schools, the Shanghai Jiaotong University and the Lanxiang Vocational School were involved in the recent online attacks against Google and dozens of other U.S. corporations. These conclusions come...
Comments (1)
Flattery is in the Eye of the Beholder
February 19, 2010 Added by:Bill Wildprett, CISSP, CISA
Some very interesting research came to my attention the other day, courtesy of the ISC2.org CISSPforum on Yahoo Groups, pointing to an article in Scientific American that discussed why flattery is effective.
Comments (0)
Enhanced Authentication Now Available on Infosec Island
February 17, 2010 Added by:Infosec Island Admin
Infosec Island™, the new community for IT and information security professionals, today announced that its new enhanced authentication service based on the SyferLock™ GridGuard™ solution, is now live.
Comments (5)
Complete Your Infosec Island Profile - Qualify to Win Over $10k in Services!
February 15, 2010 Added by:Infosec Island Admin
Don't miss out on your opportunity to win one of over $10k in service prizes in the Infosec Island Q1 Membership Drive!
Comments (0)
De-cloaking in Internet Explorer
February 13, 2010 Added by:Fred Williams
I ran across a pretty interesting article on RSnake's blog about using a URL to get users to disclose personal information. I tested this in IE8 and the posting claims it works in IE6 and IE7 as well. I tested in Firefox with and without NoScripts enabled and it doesn't work. Yay Firefox!
Comments (5)
Cloud computing: A Maneuvered Phrase !
February 11, 2010 Added by:K S Abhiraj
Cloud computing has become a huge ‘buzz-phrase’ in last few years, but you’d be forgiven for not knowing what the term actually means indeed. Different people interpret “cloud computing” in different ways. That’s the dilemma because computing “in the cloud” may be important for you and your organization, but if it’s not clear what it actually m...
Comments (2)
Jester Unveils XerXeS Automated DoS Attack
February 10, 2010 Added by:Anthony M. Freed
Anti-jihadi hacker The Jester (th3j35t3r), continues his campaign against militant Islamic websites, and now reveals the development of an automated version of his DoS attack, which he calls the XerXeS project.
Comments (4)
Security Consciousness Raising
February 06, 2010 Added by:Bill Wildprett, CISSP, CISA
I’ve been thinking about Security Awareness and different ways of teaching it as a mindset. We infosec folks think about it all the time, cultivating it as part of our general focus on situational awareness; the general public, corporate and government leaders, SMBs – not as much, perhaps.
Comments (1)
The 800-lb Dragon’s APTitude
February 06, 2010 Added by:Bill Wildprett, CISSP, CISA
I’ve been following the news about the Google hacks and ‘Operation Aurora‘ as McAfee called it, for a while. There’s a plethora of online articles about this and why China would do this, which the PRC government denies pro forma. It’s about nationalistic young Chinese and about PRC government, economic and military strategic interests.
Comments (1)
More Talks with Anti-Jihadi Hacker The Jester
February 04, 2010 Added by:Anthony M. Freed
Anti-jihadi hactivist The Jester (th3j35t3r), the self-proclaimed Nicest Hacker in the World, has returned for part two of our conversation concerning his campaign of intermittent disruption of militant pro-jihad websites.
Comments (1)
Eating your own dog food - how a Security Software company uses Security
February 04, 2010 Added by:Larry Ketchersid
Remember the gentleman in the commercial for Hair Club for men who said “I'm not only the President, but I'm a customer”? While there are days when the hair club tempts me, it is security solutions that my company, Media Sourcery, provides. And, like many of Infosec Island's members, the information, data and documents that we exchange with our customers are proprietary, confidential a...
Comments (1)
Comet's Home Page
February 02, 2010 Added by:_ Comet
Some useful resources and links from one of our members
Comments (2)
In Rebuke of China
February 02, 2010 Added by:Tom Schram
In the current issue of Foreign Affairs, former NATO Commander General Wesley K. Clark and current Department of Veteran Affairs CTO Peter Levin write: “There is no form of military combat more irregular than an electronic attack: It is extremely cheap, is very fast, can be carrier out anonymously, and can disrupt or deny critical servi...
Comments (3)
Hacktivist Tactics Raise Ethical Questions
January 27, 2010 Added by:Anthony M. Freed
Recently we have witnessed the emergence of international hactivist and vigilante “the Jester” through his crusade against jihadi and militant Islamic networks...Jester’s activities raise an important question: Where do cyber vigilantes fall on the infosec ethics spectrum?
Comments (19)
Consider Outsourcing Your Network Security
January 27, 2010 Added by:Ken Leeser
As more and more critical applications and services move to the cloud, organizations are increasingly receptive to the idea of using a managed security service to protect their network and information assets.
Comments (1)
Is the Recent Chinese Google Hack the most Serious Privacy Breach of the Year?
January 21, 2010 Added by:Brent Carey
Last week Google announced that it was the victim of a hack in China. Word of the attack spread quickly and the German, French and Australian governments issued warnings about using internet Explorer. I'm amazed that this incident has not received more commentary from the privacy and security communities. Is this not the most serious data privacy breach in a search engine’s histo...