Latest Blog Posts


Why Infosec Languishes, Part 1

October 05, 2009 Added by:Jim Anderson

This subject has been simmering for a long time but the events of the unfolding economic crisis and so many colleagues and acquaintances in the industry who have suffered substantially in their efforts to advance information security within their organizations have prompted me to organize my thoughts in this area.

Comments  (1)


Top PCI DSS Compliance and Security Marketing Annoyances

October 02, 2009 Added by:Anton Chuvakin

Anton Chuvakin discusses PCI DSS. "Don’t misspell PCI DSS. It is not “PCI DDS”, and even not “PCIDSS.” BTW, if you want to impress PCI literati, make sure that “PCI DSS” has a space, while “PA-DSS” has a dash.Most definitely, do not pretend that you address ALL PCI DSS requirements for the only reason of wanting to look good."

Comments  (0)


Facebook’s Faith: A New Scareware Attack

October 01, 2009 Added by:Daniel Kennedy

On Thursday morning, AVG researcher Roger Thompson, after sourcing some spyware attacks to a series of Facebook profiles, noted that these few hundred profiles were showing up with the same profile image but different profile information. The home video link on these profiles, belonging to Faith / Emily / whoever, points to the a web site that displays scareware dialogs:

Comments  (1)


Compliance as a Service

October 01, 2009 Added by:Bob Broda

CaaS would be a value added service that would attract plenty of customers. But how real is the likelihood of this service being offered? There are a number of issues associated the CaaS concept:

Comments  (0)


Find and manage your enterprise desktops with Altiris Client Management Suite from Symantec

September 28, 2009 Added by:David Strom

David Strom's video review of the Altiris Client Management Suite, an enterprise desktop discovery, inventory, remote configuration, deployment, and patch management utility that supports a wide range of client operating systems.

Comments  (0)


Are you running a WordPress Blog? Update it today

August 12, 2009 Added by:Infosec Island Admin

Another security release for Wordpress was released yesterday (version 2.8.4) which patches a rather annoying security flaw discovered with all prior versions. By sending a specially crafted URL as an unauthenticated user to your WP blog, and attacker can essential reset your admin password and lock you out of your blog.

Comments  (0)


Adobe Releases Critical Patches for Flash Player

July 31, 2009 Added by:Infosec Island Admin

Today, Adobe released version of their Flash Player software. This new version fixes multiple critical vulnerabilities, many of this Adobe has not been forthcoming about.

Comments  (4)


Extremely Sensitive US Secrets Found on P2P Networks

July 29, 2009 Added by:Infosec Island Admin

According to an article released by the Washington Post today, private firm, Tiversa, Inc, discovered extremely sensitive information on global P2P Networks.

Comments  (0)


Not So Smart Grid?

July 14, 2009 Added by:Infosec Island Admin

According to a security researcher, the so-called Smart Grid technology being rolled out accross the country as part of the stimulus bill, may be vulnerable to numerous attacks. According to the researcher, many of the commands that allow the power company to interact with the smart-meters at the user's house (for example) do not require authentication, have no encryption and are ripe fo...

Comments  (3)


PCI Auditor Being Sued for Certifiying CardSystems as Compliant

July 13, 2009 Added by:Infosec Island Admin

Savvis is being dragged into court to defend their PCI DDS certification of CardSystems in 2004, which was subsequently responsible for losing a quarter of a million credit card numbers. This is the first of potentially many legal actions against PCI auditors that certified organizations as compliant, when they were subsequently breached and responsible for the loss of consumer cred...

Comments  (2)


Google to Build Malware Resistant OS

July 09, 2009 Added by:Infosec Island Admin

According to Google's official Blog, Google plans to extend their Google Chrome browser (considered by most security professionals to be the most insecure browser out there) into a lightweight operating system designed to primarily interact with web-enabled technologies.

Comments  (2)


Federal Web sites knocked out by cyber attack

July 08, 2009 Added by:Infosec Island Admin

According to an article by the Assoiated Press, and subsequently the Washington Post, several Government agencies in the US and South Korea were under attack by roughly 60,000 infected PCs across the globe.

Comments  (0)


Predictable Social Security Numbers

July 07, 2009 Added by:Infosec Island Admin

According to a story published by the Washington Post today, researchers at Carnegie Mellon University have found that your social security number could be determined just by knowing when and in what zip code you were born in.

Comments  (0)


Heartland Regains PCI Compliant Status

May 03, 2009 Added by:Anthony M. Freed

Heartland’s removal from the list of compliant payment processors had followed revelations that the company had suffered what may have been the largest data breach of payment card information to date, although details of the incident have not been made available due to ongoing investigations...

Comments  (5)


Payment Card Industry Swallows Its Own Tail

April 01, 2009 Added by:Anthony M. Freed

The greatest threat to the survival of PCI DSS (Payment Card Industry Data Security Standard) may not be the ever-evolving tactics of the criminal hackers, but instead the dysfunctional nature of the relationships between the very parties the standards are meant to serve...

Comments  (2)


Visa Puts Heartland on Probation Over Breach

March 13, 2009 Added by:Anthony M. Freed

HPS is now in a probationary period, during which it is subject to a number of risk conditions including more stringent security assessments, monitoring and reporting. Subject to these conditions, Heartland will continue to serve as a processor in the Visa system...

Comments  (1)

« First < Previous | 491 - 492 - 493 - 494 - 495 | Next > Last »