• Sort by
  • Date
  • Relevance
LATEST ARTICLES
 
Expand article

Thoughts on ISO 27005

2009-01-06 17:10:59 by Alex in RiskAnalys.is
 
...Information technology Security techniques Information security risk management Technologies de linformation Techniques de sécurité Gestion du risque en sécurité de linformation As you can probably guess, Ive got opinions. And since were both here (me writing, you reading) why dont I let you know what those are I have a few disagreements...
 
Tags: risk, risk based, risk estimation, actual management, estimation, management, executive management, risk management, portfolio risk
 
 
 
 
Expand article

Two data breaches a day!

2009-01-06 16:17:00 by Manu Namboodiri in Data Protection, Management and Leakage
 
And to think that the numbers might be even higher! According to the Identity Theft Resource Center in San Diego, some 656 breaches were reported in 2008, up almost 50% from the previous year. This is almost two breaches a day - and according to the article in the Washington Post , many breaches do not even get reported. So this could be even...
 
Tags: breaches, data protection issues, washington post, day, collective socks, chalta hai, san diego, blase, indian
 
 
 
 
Expand article

Summarizing Zero Day's Posts for December

The Article has images
2009-01-06 08:21:19 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
The following is a brief summary of all of my posts at Zero Day for December, 2008. You can also go through previous summaries for November , October , September , August and July , as well as subscribe to my personal RSS feed or Zero Day's main feed Notable articles for December include ICANN terminates EstDomains, Directi takes over 280k...
 
Tags: december, day, icann, december include icann, vendor claims acrobat, acrobat, passwords easier, directi takes, 256-bit encryption
 
 
 
 
Expand article

Squeezing the Cybecrime Ecosystem in 2009

The Article has images
2009-01-06 08:06:58 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
How do you trigger a change that would ultimately affect the entire cybercrime ecosystem? Going full disclosure may be the most logical option, but past experience reveals that using it has a modest temporary effect. For instance, exposing a stolen credit cards shop isn't going to separate the owner from the stolen database, neither would his...
 
Tags: credit, credit card shops, cybercrime activities, cybercrime, entire cybercrime ecosystem, credit cards, cybercrime receive, customers base disappear, customers base
 
 
 
 
Expand article

Kip Hawley Is Starting to Sound Like Me

2009-01-06 05:51:37 by schneier in Schneier on Security
 
Good quote : "In the hurly-burly and the infinite variety of travel, you can end up with nonsensical results in which the T.S.A. person says, 'Well, I'm just following the rules,'" Mr. Hawley said. "But if you have an enemy who is going to study your technology and your process, and if you have something they can figure out a way to get around,...
 
Tags: nonsensical results, infinite variety, hawley, figure, enemy, hurly-burly, rules, process, travel
 
 
 
 
Expand article

3 Cheap, Safe Ways to Destroy Deadly Explosives

The Article has images
2009-01-06 05:00:00 by Kevin Sites in Wired Security
Most wars last just a few years. But the unexploded mines, shells, and bombs they leave behind can last decades. Getting rid of these lurking killers can be painfully slow and prohibitively expensive. That's why Joe Trocino established the Golden West Humanitarian Foundation with the mission of helping locals dispose of ordnance using...
 
Tags: scrap metal pipe, pipe, cost, bullet barbecue cost, proper diameter pipe, kinetic extractor cost, west humanitarian foundation, van dyke, wood fire
 
 
 
 
Expand article

Secure Your Linux Host - Part 1: Foundations

2009-01-06 03:59:26 by Erik Heidt in Art of Information Security
 
...Information Security and Risk Management research 75% of Data Loss events involve an insider 75% of the insiders actions were negligent and notself-servingormalicious This means that over half (56%) of Data Loss eventswouldnot have been but forincompetentor naivepersonnel As an Information Security professional I have no delusions that the...
 
Tags: sudo, sudo command, login command, login command apt-get, command, apt-get, account, root account, root
 
 
 
 
Expand article

New Phishing Kits Hit the Market: Trojan HTML Injections Now for Sale

2009-01-06 00:00:00 by RSA FraudAction Research Lab in Speaking of Security, the RSA Blog and Podcast
 
The economic lifecycle of the underground fraud community functions very similarly to the world of legitimate business. Online fraudsters have supply chains, third-party outsourcers, vendors, and online forums where people with skills and people with opportunities to commit fraud can find each other. The underground fraud supply chain is...
 
Tags: cashout services, trojan infection kits, services, faas, faas consists, sale, supply chains, fraudster underground, commit fraud
 
 
 
 
Expand article

Twitter Hack: How It Happened and What's Being Done

2009-01-06 00:00:00 by HASH0x8b3ff7c in Network World on Security
 
Twitter is tackling a series of security issues, starting with a hack that hit some well-known celebrity accounts. Someone broke into Twitter accounts belonging to President-elect Barack Obama, CNN anchor Rick Sanchez, and Britney Spears over the weekend. At the same time, a phishing scam is trying to trick regular users into handing over their...
 
Tags: twitter, twitter accounts, trick regular users, well-known celebrity accounts, president-elect barack obama, security issues, britney spears, hack, passwords
 
 
 
 
Expand article

Hackers hijack Obama's, Britney's Twitter accounts