Blog Posts Tagged with "Access Control"

69dafe8b58066478aea48f3d0f384820

Pentagon Tightens Data Security Protocols

January 02, 2011 Added by:Headlines

At issue is how best to classify material in an effort to prevent further breaches, while also maintaining post-9/11 efforts to increase information sharing efforts between multiple government agencies charged with defending the nation from future terrorist attacks...

Comments  (1)

Ebb72d4bfba370aecb29bc7519c9dac2

Complete PCI DSS Log Review Procedures Part 4

December 16, 2010 Added by:Anton Chuvakin

Event logging and security monitoring in PCI DSS program go much beyond Requirement 10. Only through careful data collection and analysis can companies meet broad requirements of PCI DSS...

Comments  (0)

B451da363bb08b9a81ceadbadb5133ef

WikiLeaks and the Principle of Least Privilege

December 08, 2010 Added by:Alexander Rothacker

Clearly, there were not enough security controls in place that would have prevented the internal thief from accessing this data, and he shouldn’t have had access to this data to begin with. And if he was allowed access to it, there should have been activity monitoring in place...

Comments  (0)

Fdaa09fc5ed18d3226b3a1a00f1bc48c

Securing Java Apps with Smart Cards and Single-Sign-On

December 08, 2010 Added by:Daniel Doubrovkine

The advantages of this method are clear. There aren’t any usernames or passwords exchanged and the modern versions of the security protocols are not vulnerable to brute-force or man-in-the-middle attacks. The enterprise can roll out stronger authentication without changing the applications...

Comments  (0)

5c9886924588e138cc18290742c2095e

What Happened to My Biometric?

November 18, 2010 Added by:Guy Huntington

There has been a significant increase in the use of biometrics for authentication. It is becoming more commonly used to purchase groceries, to gain access to premises, passing through passport control and for logging on to computers. There are some dangers with this trend...

Comments  (1)

37d5f81e2277051bc17116221040d51c

Live ATM Skimming Video Confiscated

November 09, 2010 Added by:Robert Siciliano

In both cases, the criminals need to obtain the 4-digit cardholder PIN to allow for fraudulent cash withdrawal. The video shows criminals installing a micro camera above an ATM PIN pad and then placing a skimming device over the card reader throat...

Comments  (0)

5c9886924588e138cc18290742c2095e

Smart Grid Privacy, Authentication and Authorization

November 02, 2010 Added by:Guy Huntington

This paper outlines my own personal views on the requirements for the home customer re privacy, authentication and authorization. It's meant to illustrate the complexities and to raise questions in utility management, public regulators and utility customer minds about how customer privacy, authentication and authorization will be accomplished...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

NTLM Passwords: Can’t Crack it? Just Pass it!

November 01, 2010 Added by:Dan Dieterle

Windows systems usually store the NTLM hash right along with LM hash, so how much longer would it take to access the user account if only the NTLM hash was available?. If certain circumstances are met and a certain technique is used, it could take the same amount of time, or even less...

Comments  (4)

55e2c9d06a7261846e96b8bb2d4e1fe5

Hashes and the Security Account Manager

October 24, 2010 Added by:bitraptor bitraptor

SAM is far from being perfect, but the real problem lies in the way they store the passwords - it's an old method created by Microsoft prior to the Windows NT family, and they still run the old style LM hash keys so that two concurrent hashes of the passwords are stored...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Cracking 14 Character Complex Passwords in 5 Seconds

October 21, 2010 Added by:Dan Dieterle

A Swiss security company called Objectif Sécurité has created a cracking technology that uses rainbow tables on SSD drives. Apparently it is the hard drive access time and not the processor speed that slows down cracking. Using SSD drives can make cracking faster, but just how fast?

Comments  (23)

16443e0c6f6e4a400fd0164b3c406170

Good Reasons to Lock Down Your Wireless Network

September 05, 2010 Added by:Christopher Burgess

Anyone in proximity to your business, home or office may be within the exploitable footprint of Wi-Fi signal, they can collect your SSID and MAC addresses, and if your network is not secured, their odds of being able to collect information traversing the connection increases exponentially...

Comments  (4)

E313765e3bec84b2852c1c758f7244b6

Passwords, Dinosaurs, and 8-Track Tapes

August 30, 2010 Added by:Brent Huston

It’s not just a matter of people using short, simple, stupid passwords any more. With advances in easily available and cheap computing power such as advanced graphics processors and solid state drives, even long and complex passwords can be cracked in seconds...

Comments  (2)

46d1980e375ce08915b30d9a328c2fdc

Extensive User and Group Privileges

August 16, 2010 Added by:Application Security, Inc.

The process of collecting a comprehensive list of all rights that a user has can become a daunting task. Privileges aren't typically just assigned directly to the users they also inherit privileges from groups or roles they belong to...

Comments  (0)

F6bae6ee0c7dfe5b62860cc8ebf311fe

Boole server - Data centric remote access, auditing and encryption

December 09, 2009 Added by:John England

Maintaining confidentiality and protection of data from unauthorized access are basic requirements for a security system. Boole Server is able to fulfil these protection requirements to a very high standard. Ease of use and versatility in configuration enables Boole Server to be the development platform delivering all the tools necessary for the complete protection of information circu...

Comments  (0)

Page « < 8 - 9 - 10 - 11 - 12 > »