Blog Posts Tagged with "Network Access Control"

69dafe8b58066478aea48f3d0f384820

IEEE Addresses SCADA Security Standard Challenges

November 08, 2011 Added by:Headlines

"As the rate of bolder, more sophisticated cyber attacks continues to spiral upward, ensuring data integrity and security has become increasingly challenging. By necessity, preventing unauthorized intrusion into critical systems has become a top priority..."

Comments  (0)

49afa3a1bba5280af6c4bf2fb5ea7669

Authentication: Who Are You and Why Are You Here?

July 29, 2011 Added by:Mike Meikle

You may have robust network security, stringent password policies and a tightly locked down user environment, but if you don’t know what you own, both data and hardware, it is akin to having a bank vault door standing alone in a field...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Stroke Development Versus Not Drowning

July 28, 2011 Added by:Rafal Los

Sony, Fox/Murdoch, et al, are all being harried by vulnerabilities left open in the backwaters of their infrastructure, not by bruteforce through the main gates. What little surprises might one find by using this time for review and planning?

Comments  (0)

Ec9b0ab31140696dd578b354b1054635

Password Hash: It's Okay to Inhale...

July 18, 2011 Added by:Vulcan Mindm3ld

The recent IRC Federal and HBGary SQL injection vulnerabilities allowed attackers access to a username/password table stored in the database. IRC Federal's “experts” simply stored unencrypted passwords while HBGary's “expert” third-party developers implemented unsalted, non-iterated MD5...

Comments  (4)

7c5c876d1933023ac375eead04302e1a

What the CISSP Won't Teach You Part Deux

June 30, 2011 Added by:Boris Sverdlik

You should use a layered security model. Port Security should be enabled; IDS Response rules should trigger a port shutdown on multiple ARP responses past a certain threshold. Are you seeing yet how attackers think?? The CISSP will not teach you to think outside the box...

Comments  (0)

Bc353c4c6a6f7743290ce11723414424

AAA Security Troubleshooting

June 27, 2011 Added by:Dawn Hopper

In troubleshooting authentication, using specific debug tacacs+ or debug radius commands often provide too detailed and obscure output to anyone except those extremely knowledgeable in the protocols. Instead, the debug AAA authentication generic command has several advantages...

Comments  (0)

E973b16363b3de77b360563237df7e32

Where Are Your Default Admin Passwords?

June 24, 2011 Added by:Bozidar Spirovski

The passwords should be constructed in two parts, each part entered by different person, which increases the complexity significantly and reduces the possibility of using social knowledge of a single person to attack the password. Also, no one single person knows the password...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Dropbox Confirms Password Security Glitch

June 21, 2011 Added by:Headlines

"This should never have happened. We are scrutinizing our controls and we will be implementing additional safeguards to prevent this from happening again. We are sorry for this and regardless of how many people were ultimately affected, any exposure at all is unacceptable to us..."

Comments  (1)

69dafe8b58066478aea48f3d0f384820

RSA's SecurID Hack Leads to Lockheed Network Disruption

May 27, 2011 Added by:Headlines

"Whoever hacked the RSA network got the algorithm for the current tokens and then managed to get a key-logger installed on one or more computers used to access the intranet at this company. With those two pieces of information they were then able to get access to the internal network..."

Comments  (1)

69dafe8b58066478aea48f3d0f384820

Five Security Secrets Network Administrators Keep Quiet

March 22, 2011 Added by:Headlines

Network administrators may be conducting their own personal risk assessments in the course of their daily duties. They may be weighing factors such as performance pay incentives, the thoroughness of security audits, and time constraints when deciding what is or is not a priority...

Comments  (0)

0dc5fdbc98f80f9aaf2b43b8bc795ea8

Who’s NAPping on Your Network? (Part Two)

March 17, 2011 Added by:Global Knowledge

In the last post I described a high-level overview of 802.1x authentication. Now, let’s dive a bit deeper into the use of 802.1x as a foundation for Network Access Protection (NAP) enforcement of health policies in a Windows Server 2008 network infrastructure...

Comments  (2)

69dafe8b58066478aea48f3d0f384820

Improved DoD Data Security Measures Slated for 2013

March 11, 2011 Added by:Headlines

At issue is how best to control access to sensitive data in an effort to prevent further breaches while also maintaining post-9/11 efforts to increase information sharing between multiple government agencies responsible for defending the nation...

Comments  (0)

99edc1997453f90eb5ac1430fd9a7c61

The Post-Holiday Blues

January 22, 2011 Added by:Javvad Malik

You walk back to the office knowing full well, like hundreds of others in their office, they’ve forgotten their password. You then have to jump through 20 different hoops to identify yourself. Your name, ID number, user ID, your managers name, your national insurance number… blah blah blah... Finally, you’re told that your password has been reset to Password123. Success? Nearly, becaus...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Hackers Steal Millions in EU Carbon Trading Credits

January 20, 2011 Added by:Headlines

The EU Emissions Trading Scheme has suspended all carbon emissions trading until January 26th after hackers breached networks and pilfered millions in pollution credits. The credits stolen form the Czech accounts are estimated to be worth as much as seven million Euros, according to reports...

Comments  (0)

F833294b729456685864bd3393473c5a

SyferLock Unveils Superior Two Factor Authentication

January 14, 2011 Added by:Paul Sitar

With the addition of the superior “soft token” solution, SyferLock truly covers the entire authentication spectrum, as well as a myriad of diverse and evolving use cases and business requirements challenging the security and account access of organizations and their users...

Comments  (0)

065b7cfbbb03ac9d18cbf5ed0615b40a

Reality Check: Traditional Perimeter Security is Dead

December 15, 2010 Added by:Stefan Fouant

An all-inclusive security posture looks at the network from a holistic point of view. The principles of Defense-in-Depth will make evident the failings of the traditional perimeter model. The traditional perimeter is dead. The perimeter is wherever the data is...

Comments  (0)

Page « < 1 - 2 - 3 > »