Items Tagged with "Access Control"


02a6d0efd54c7388e26f125d8df83671

Top Five Fundamentals of Network Security

June 14, 2012 Added by:Megan Berry

There are many factors that can bring down your networks and compromise data, including criminals, carelessness and disgruntled employees. The hardware, software, and policies that make up the layers of network security defend your company’s systems from these threats. What are the most common threats?

Comments  (1)

94c7ac665bbf77879483b04272744424

Better Passwords Don't Make Us Secure: Best Practices Advice

June 14, 2012 Added by:Marc Quibell

On today's Internet, it's not about better passwords, because passwords are another weak, vulnerable form of authentication. You can make it longer, more complex... whatever, but it doesn't change the fact that it's still weak and vulnerable. Practice safe computing and at least you will lower your risk...

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Thirteen Tips to Secure Your Virtual Machine Environment

June 14, 2012 Added by:Brent Huston

Virtual environments are becoming more popular, enabling multiple OS environments and providing disaster recovery solutions. Safeguarding your virtual environment is vital, though it doesn’t have the same issues as a physical environment. Here are a few tips to keep things running smoothly...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Credential Management

June 13, 2012 Added by:Infosec Island Admin

Credential caching should be disabled on all machines. A common technique employed by attackers is referred to as “pass the hash.” The pass the hash technique uses cached password hashes extracted from a compromised machine to gain access to additional machines on the domain...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Recovering Clear Text Passwords – Updated

June 13, 2012 Added by:Dan Dieterle

When I wrote about WCE last, I noticed that for some reason the output didn’t seem right for accounts that did not have passwords. WCE seemed to mirror a password from another account when a password was not present. Hernan from Amplia Security (creator of WCE) created a fix for this...

Comments  (0)

A88973e7d0943d295c99820ab9aeed27

Fashionable But Vulnerable: Mobile Devices in the Workplace

June 12, 2012 Added by:Simon Heron

Mobile devices are contributing to improved efficiency and are undoubtedly popular with employees, but they are also inherently vulnerable. To minimise the risks, organisations must develop specific mobile device management policies – and then enforce them...

Comments  (0)

54a9b7b662bfb0f0445d1661d7ed180b

Password Protection Pointers

June 12, 2012 Added by:Jayson Wylie

The best password is the one that only you know. Even better one is one that nobody else can find out. Crackers are getting away from massive rainbow tables and moving on to graphics processors for quick password compromise. It is possible to categorize your passwords to define the sensitivity of their purpose....

Comments  (0)

48f758be63686a73484a7380e94f73d0

If I Told You, I'd Have to Kill You

June 11, 2012 Added by:Ed Bellis

All of these breaches present a great opportunity to learn what does and doesn’t work in information security. But when we get responses like the one posted by Last.FM not only do we not learn anything, we don’t have any reason to believe they have either...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Analysis of Passwords Dumped from LinkedIn

June 11, 2012 Added by:Dan Dieterle

People put a lot of personal information on LinkedIn - their education and job experience, along with the groups that they belong to - treasure trove of information to Social Engineers. Of all the online social sites, LinkedIn users should really choose a long complex password to secure their account...

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Hooray! An Open-Source Password Analyzer Tool...

June 08, 2012 Added by:Brent Huston

The time it takes to crack a password is the only true measure of its worth. Morris has created a tool for administrators that allows them to configure a password policy based on the time to crack, the possible technology that an attacker might be using, and the password protection technology in use...

Comments  (0)

94c7ac665bbf77879483b04272744424

LinkedIn Fails Security Due Diligence

June 07, 2012 Added by:Marc Quibell

Poor security practices led to the password database ending up in Russia. We can also say that the best security practices were not applied to the security of our passwords: LinkedIn did not "salt their hash" and therefore the passwords were much more vulnerable to simple brute force attacks...

Comments  (0)

54b393d8c5ad38d03c46d060fa365773

How and Why to Alert Your Employees of the LinkedIn Breach

June 07, 2012 Added by:Jason Clark

Cyber security teams should send out an employee alert explaining why LinkedIn passwords need to be changed and best practices for doing so. You may not have direct IT control over individual LinkedIn accounts, but your communication may alleviate social engineering attacks on employees and your network...

Comments  (0)

F29746c6cb299c1755e4087e6126a816

Should You Be Worried About the LinkedIn Breach?

June 06, 2012 Added by:Kelly Colgan

People who rely on LinkedIn for professional networking keep a wealth of information stored on their profile pages. With news of a possible data breach exposing 6.5 million user passwords, LinkedIn users need to take steps to protect their personal data. Here are five tips we recommend you follow...

Comments  (3)

296634767383f056e82787fcb3b94864

Google's Worst Security Idea Ever

June 06, 2012 Added by:Jeffrey Carr

Google announced that it will notify a subset of its Gmail customers if they're the victim of a State-sponsored attack. Google's advice is FUD-inducing for people who aren't targets and insufficient for those who are. I have to wonder what Google was thinking when it created this awful program...

Comments  (0)

54a9b7b662bfb0f0445d1661d7ed180b

Keeping Technology Staff Honest

June 05, 2012 Added by:Jayson Wylie

Technology staff, on occasion, have had an all-access pass to all data on Window’s networks. This creates an environment where the support staff has exposure in having access to sensitive and confidential stuff stored in the most private parts of the organization’s data stores...

Comments  (0)

68b48711426f3b082ab24e5746a66b36

Ensuring Data Integrity via Checks, Tests, and Best Practices

June 04, 2012 Added by:Fergal Glynn

As a process, data integrity verifies that data has remained unaltered in transit. As a state or condition, it is a measure of the validity and fidelity of a data object. As a function related to security, means information is exactly as it was inputted and is auditable to affirm its reliability...

Comments  (0)

Page « < 2 - 3 - 4 - 5 - 6 > »