Network->General
Small Romanian Town Has Become Cyber Crime Central
February 03, 2011 Added by:Headlines
A fascinating article explores how a small Romanian town has evolved to become an international center for cybercrime operations. In Râmnicu Vâlcea, a remote village in the Southern Carpathian foothills, online predatory networks have brought a flood of new wealth to the once agrarian community...
Comments (0)
Sandy Bridge Chip Flaw Puts Intel in Crisis Mode
February 02, 2011 Added by:Headlines
"Does it change the perception of Intel's quality? Yes, probably. You've got real product out there that's been qualified and tested and green-lighted, and then you come back to say there's a problem and you have to recall," Wedbush analyst Patrick Wang told Reuters...
Comments (0)
Internet Security Alliance News and Upcoming Events
February 02, 2011 Added by:Marjorie Morgan
Larry Clinton will be featured on a Federal News Radio panel that will discuss Advanced Persistent Threats and the industrial strength hacking. The discussion will explore how the threat has evolved, the implications are for business, government officials, society, and the growing challenge...
Comments (0)
Cisco WebEx Conferencing Security Vulnerabilities
February 01, 2011 Added by:Headlines
The first vulnerability leaves the end-user's computer open to remote execution of commands by an attacker. The second vulnerability causes meeting attendee's computers to crash if a minor alteration is made to the XML code in a file that controls the WebEx polling feature...
Comments (0)
Eleven Log Management Resolutions for 2011
February 01, 2011 Added by:Anton Chuvakin
One of the simplest ways to commit to logging in 2011 is to commit to monitoring when logging stops. Apart from being a violation of a few regulatory compliance mandates, termination of logging – whether due to an attacker or by mistake – is something you need to know right when it happens...
Comments (0)
DHS Funds $40 Million Program for Cyber Security Research
January 31, 2011 Added by:Headlines
The Department of Homeland Security has announced a program offering $40 million in funds for cybersecurity research and development, and is seeking proposals for projects on a broad range of information security challenges to bolster network defenses in the face of ever growing threats...
Comments (0)
Common Criteria Evaluation Assurance Level (ISO 15408)
January 30, 2011 Added by:Jamie Adams
Common Criteria is a framework in which computer system users can specify their security and assurance requirements. Vendors then implement and/or make claims about the security attributes of their products, and testing laboratories can evaluate the products to determine if they actually meet the claims...
Comments (0)
Q and A with Hacker "srblche srblchez"
January 28, 2011 Added by:Rafal Los
An independent attacker who writes their own scripts and hacks in 'a couple of seconds' is your worst nightmare as a security professional, mostly because the velocity of attack is so great and the likelihood of being caught in a detection system like an IPS is so low...
Comments (1)
FBI Executes Warrants for Anonymous DDoS Attacks
January 28, 2011 Added by:Headlines
The Anonymous script-kiddie roundup begins in earnest: FBI agents today executed more than 40 search warrants throughout the United States as part of an ongoing investigation into recent coordinated cyber attacks against major companies and organizations...
Comments (1)
Anonymous Calls UK Arrests a "Declaration of War"
January 27, 2011 Added by:Anthony M. Freed
In what is best described as rhetoric befitting a professional wrestling pay-per-view smack-down teaser, the non-entity known as Anonymous has taken offense with the United Kingdom for having the nerve to enforce their nation's laws, calling the arrests a "serious declaration of war"...
Comments (7)
Air Force General Urges Enhanced Cyber Deterrence
January 27, 2011 Added by:Headlines
“If we elect to use cybercapability to deter — and you don’t necessarily have to, you can use something else to deter bad cyberbehavior — [but] if we’re going to use cybercapabilities to deter, that’s going to beg for some demonstration of that capability..."
Comments (0)
Anonymous DDoS Participants Arrested in UK
January 27, 2011 Added by:Headlines
Anonymous DDoS attackers are typically teenagers and young adults who have little or no understanding of the risks and legal repercussions that can stem from participating in the attacks, and most operate under the misconception that they can not be identified by authorities...
Comments (1)
Defense in Depth: Security Strategy or Security Blanket?
January 26, 2011 Added by:Robb Reck
We have all heard that a defense in depth is required for an effective security program. But in many ways defense in depth has become a security blanket for companies, rather than a strategy. The number of different technologies may give a nice sense of security, but provides negligible added value...
Comments (6)
Why Fail2Ban Can Fail With VoIP
January 26, 2011 Added by:J. Oquendo
So an attacker launched a scan, who cares, it happens and even if I outright blacklist him, odds are, he is on a throwaway address or compromised host. Nevertheless he scans. At some point in time, he WILL come across the honeypot I left in plain sight for him...
Comments (0)
Anonymous DDoS Targets Egyptian Government Sites
January 26, 2011 Added by:Headlines
The international script-kiddie ensemble known as Anonymous has turned their DDoS attacks on Egyptian websites. Analysis shows server failure for Egypt's Ministry of the Interior website, and other reports indicate that the Ministry of Communications and Information Technology may also have been targeted...Anonymous DDoS Participants Arrested in UK
Comments (0)
Monitoring Site Traffic for Fraud Prevention
January 25, 2011 Added by:Richard Stiennon
Although deploying web application firewalls from Imperva or AppSec Inc. is the best way to defend against these attacks, more sophisticated attacks may take advantage of yet undiscovered vulnerabilities or use the very structure of the site to engage in fraudulent practices, often as authenticated users...
Comments (0)
- Five Things Your InfoSec Team Should Do in the Next 30 Days
- The Disclosure Debate Continues….. (part 1,453, 769) to be Continued
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)