Blog Posts Tagged with "Access Control"


WikiLeaks Lessons for IT Security

January 03, 2011 Added by:Eli Talmor

Obviously Data Loss Prevention policies need to be implemented on endpoint workstations across the Globe: Every document needs to be classified (i.e. encrypted) at generation. The document encrypted should be also “fingerprinted” to prevent distribution in “un-encrypted” form...

Comments  (0)


Pentagon Tightens Data Security Protocols

January 02, 2011 Added by:Headlines

At issue is how best to classify material in an effort to prevent further breaches, while also maintaining post-9/11 efforts to increase information sharing efforts between multiple government agencies charged with defending the nation from future terrorist attacks...

Comments  (1)


Complete PCI DSS Log Review Procedures Part 4

December 16, 2010 Added by:Anton Chuvakin

Event logging and security monitoring in PCI DSS program go much beyond Requirement 10. Only through careful data collection and analysis can companies meet broad requirements of PCI DSS...

Comments  (0)


WikiLeaks and the Principle of Least Privilege

December 08, 2010 Added by:Alexander Rothacker

Clearly, there were not enough security controls in place that would have prevented the internal thief from accessing this data, and he shouldn’t have had access to this data to begin with. And if he was allowed access to it, there should have been activity monitoring in place...

Comments  (0)


Securing Java Apps with Smart Cards and Single-Sign-On

December 08, 2010 Added by:Daniel Doubrovkine

The advantages of this method are clear. There aren’t any usernames or passwords exchanged and the modern versions of the security protocols are not vulnerable to brute-force or man-in-the-middle attacks. The enterprise can roll out stronger authentication without changing the applications...

Comments  (0)


What Happened to My Biometric?

November 18, 2010 Added by:Guy Huntington

There has been a significant increase in the use of biometrics for authentication. It is becoming more commonly used to purchase groceries, to gain access to premises, passing through passport control and for logging on to computers. There are some dangers with this trend...

Comments  (1)


Live ATM Skimming Video Confiscated

November 09, 2010 Added by:Robert Siciliano

In both cases, the criminals need to obtain the 4-digit cardholder PIN to allow for fraudulent cash withdrawal. The video shows criminals installing a micro camera above an ATM PIN pad and then placing a skimming device over the card reader throat...

Comments  (0)


Smart Grid Privacy, Authentication and Authorization

November 02, 2010 Added by:Guy Huntington

This paper outlines my own personal views on the requirements for the home customer re privacy, authentication and authorization. It's meant to illustrate the complexities and to raise questions in utility management, public regulators and utility customer minds about how customer privacy, authentication and authorization will be accomplished...

Comments  (0)


NTLM Passwords: Can’t Crack it? Just Pass it!

November 01, 2010 Added by:Dan Dieterle

Windows systems usually store the NTLM hash right along with LM hash, so how much longer would it take to access the user account if only the NTLM hash was available?. If certain circumstances are met and a certain technique is used, it could take the same amount of time, or even less...

Comments  (4)


Hashes and the Security Account Manager

October 24, 2010 Added by:bitraptor bitraptor

SAM is far from being perfect, but the real problem lies in the way they store the passwords - it's an old method created by Microsoft prior to the Windows NT family, and they still run the old style LM hash keys so that two concurrent hashes of the passwords are stored...

Comments  (0)


Cracking 14 Character Complex Passwords in 5 Seconds

October 21, 2010 Added by:Dan Dieterle

A Swiss security company called Objectif Sécurité has created a cracking technology that uses rainbow tables on SSD drives. Apparently it is the hard drive access time and not the processor speed that slows down cracking. Using SSD drives can make cracking faster, but just how fast?

Comments  (23)


Good Reasons to Lock Down Your Wireless Network

September 05, 2010 Added by:Christopher Burgess

Anyone in proximity to your business, home or office may be within the exploitable footprint of Wi-Fi signal, they can collect your SSID and MAC addresses, and if your network is not secured, their odds of being able to collect information traversing the connection increases exponentially...

Comments  (4)


Passwords, Dinosaurs, and 8-Track Tapes

August 30, 2010 Added by:Brent Huston

It’s not just a matter of people using short, simple, stupid passwords any more. With advances in easily available and cheap computing power such as advanced graphics processors and solid state drives, even long and complex passwords can be cracked in seconds...

Comments  (2)


Extensive User and Group Privileges

August 16, 2010 Added by:Application Security, Inc.

The process of collecting a comprehensive list of all rights that a user has can become a daunting task. Privileges aren't typically just assigned directly to the users they also inherit privileges from groups or roles they belong to...

Comments  (0)


Boole server - Data centric remote access, auditing and encryption

December 09, 2009 Added by:John England

Maintaining confidentiality and protection of data from unauthorized access are basic requirements for a security system. Boole Server is able to fulfil these protection requirements to a very high standard. Ease of use and versatility in configuration enables Boole Server to be the development platform delivering all the tools necessary for the complete protection of information circu...

Comments  (0)

Page « < 8 - 9 - 10 - 11 - 12 > »