Blog Posts Tagged with "Network Access Control"


IEEE Addresses SCADA Security Standard Challenges

November 08, 2011 Added by:Headlines

"As the rate of bolder, more sophisticated cyber attacks continues to spiral upward, ensuring data integrity and security has become increasingly challenging. By necessity, preventing unauthorized intrusion into critical systems has become a top priority..."

Comments  (0)


Authentication: Who Are You and Why Are You Here?

July 29, 2011 Added by:Mike Meikle

You may have robust network security, stringent password policies and a tightly locked down user environment, but if you don’t know what you own, both data and hardware, it is akin to having a bank vault door standing alone in a field...

Comments  (0)


Stroke Development Versus Not Drowning

July 28, 2011 Added by:Rafal Los

Sony, Fox/Murdoch, et al, are all being harried by vulnerabilities left open in the backwaters of their infrastructure, not by bruteforce through the main gates. What little surprises might one find by using this time for review and planning?

Comments  (0)


Password Hash: It's Okay to Inhale...

July 18, 2011 Added by:Vulcan Mindm3ld

The recent IRC Federal and HBGary SQL injection vulnerabilities allowed attackers access to a username/password table stored in the database. IRC Federal's “experts” simply stored unencrypted passwords while HBGary's “expert” third-party developers implemented unsalted, non-iterated MD5...

Comments  (4)


What the CISSP Won't Teach You Part Deux

June 30, 2011 Added by:Boris Sverdlik

You should use a layered security model. Port Security should be enabled; IDS Response rules should trigger a port shutdown on multiple ARP responses past a certain threshold. Are you seeing yet how attackers think?? The CISSP will not teach you to think outside the box...

Comments  (0)


AAA Security Troubleshooting

June 27, 2011 Added by:Dawn Hopper

In troubleshooting authentication, using specific debug tacacs+ or debug radius commands often provide too detailed and obscure output to anyone except those extremely knowledgeable in the protocols. Instead, the debug AAA authentication generic command has several advantages...

Comments  (0)


Where Are Your Default Admin Passwords?

June 24, 2011 Added by:Bozidar Spirovski

The passwords should be constructed in two parts, each part entered by different person, which increases the complexity significantly and reduces the possibility of using social knowledge of a single person to attack the password. Also, no one single person knows the password...

Comments  (0)


Dropbox Confirms Password Security Glitch

June 21, 2011 Added by:Headlines

"This should never have happened. We are scrutinizing our controls and we will be implementing additional safeguards to prevent this from happening again. We are sorry for this and regardless of how many people were ultimately affected, any exposure at all is unacceptable to us..."

Comments  (1)


RSA's SecurID Hack Leads to Lockheed Network Disruption

May 27, 2011 Added by:Headlines

"Whoever hacked the RSA network got the algorithm for the current tokens and then managed to get a key-logger installed on one or more computers used to access the intranet at this company. With those two pieces of information they were then able to get access to the internal network..."

Comments  (1)


Five Security Secrets Network Administrators Keep Quiet

March 22, 2011 Added by:Headlines

Network administrators may be conducting their own personal risk assessments in the course of their daily duties. They may be weighing factors such as performance pay incentives, the thoroughness of security audits, and time constraints when deciding what is or is not a priority...

Comments  (0)


Who’s NAPping on Your Network? (Part Two)

March 17, 2011 Added by:Global Knowledge

In the last post I described a high-level overview of 802.1x authentication. Now, let’s dive a bit deeper into the use of 802.1x as a foundation for Network Access Protection (NAP) enforcement of health policies in a Windows Server 2008 network infrastructure...

Comments  (2)


Improved DoD Data Security Measures Slated for 2013

March 11, 2011 Added by:Headlines

At issue is how best to control access to sensitive data in an effort to prevent further breaches while also maintaining post-9/11 efforts to increase information sharing between multiple government agencies responsible for defending the nation...

Comments  (0)


The Post-Holiday Blues

January 22, 2011 Added by:Javvad Malik

You walk back to the office knowing full well, like hundreds of others in their office, they’ve forgotten their password. You then have to jump through 20 different hoops to identify yourself. Your name, ID number, user ID, your managers name, your national insurance number… blah blah blah... Finally, you’re told that your password has been reset to Password123. Success? Nearly, becaus...

Comments  (0)


Hackers Steal Millions in EU Carbon Trading Credits

January 20, 2011 Added by:Headlines

The EU Emissions Trading Scheme has suspended all carbon emissions trading until January 26th after hackers breached networks and pilfered millions in pollution credits. The credits stolen form the Czech accounts are estimated to be worth as much as seven million Euros, according to reports...

Comments  (0)


SyferLock Unveils Superior Two Factor Authentication

January 14, 2011 Added by:Paul Sitar

With the addition of the superior “soft token” solution, SyferLock truly covers the entire authentication spectrum, as well as a myriad of diverse and evolving use cases and business requirements challenging the security and account access of organizations and their users...

Comments  (0)


Reality Check: Traditional Perimeter Security is Dead

December 15, 2010 Added by:Stefan Fouant

An all-inclusive security posture looks at the network from a holistic point of view. The principles of Defense-in-Depth will make evident the failings of the traditional perimeter model. The traditional perimeter is dead. The perimeter is wherever the data is...

Comments  (0)

Page « < 1 - 2 - 3 > »