SEARCH RESULTS
 
Showing 1-10 of 117 records
 
Expand article

Protect your data: everything else is just plumbing

The Article has images
2007-07-02 20:46:32 by Steve Riley in Steve Riley on Security
...attackers Why, then, is there still so much emphasis on protecting all the plumbing that moves the data around, but little interest in protecting the data itself? My guess: old habits die hard. For most of the history of information security, emphasis on security has roughly followed this model Historical approaches to security have placed...
 
Tags: data security, comrms data security, data, security, confidential information, information, information security, temporary data, data vanishes
 
 
 
 
Expand article

Oak Ridge National Laboratory visitor information exposed

The Article has images
2007-12-11 13:45:21 by Evan Francen in The Breach Blog
...attackers the personal information of anybody who visited the lab over a 14-year span, including Social Security numbers Oak Ridge National Laboratory (ORNL) recently experienced a sophisticated cyber attack that appears to be part of a coordinated attempt to gain access to computer networks at numerous laboratories and other institutions...
 
Tags: information, personal information, security, store social security, retrieve information, regular information security, security systems, cyber-security issues, security breach
 
 
 
 
Expand article

Cached Malware Embedded Sites

The Article has images
2007-12-16 18:18:26 by HASH0x8a09e44 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...attackers ease of management. Having pointers to a single site offers an aggregation point to monitor and generate statistics for all the exploited users. In addition, attackers can update their portfolio of exploits by just changing a single web page without having to replicate these changes to compromised sites. On the other hand, this can...
 
Tags: sites, sites wrongly, web sites, malware, malicious site, site, single site offers, sites notification services, popular sites
 
 
 
 
Expand article

Blended Attacks and The Tiger Team

2008-01-08 03:07:00 by Erik T. Heidt in Art of Information Security
 
...Attackers broke into and vandalized supermarkets, leading police to believe the events were largely petty crimes. But during the break-ins, attackers tampered with the stores card readers to collect credit card information Of course, upon reading this there was a stream of attack ideas that occurred to me such as using a break-in as a cover...
 
Tags: tiger team, team, attacks, attack, attack ideas, physical security blog, physical, cisco report, annual security report
 
 
 
 
Expand article

Security Evolution

The Article has images
2008-05-19 17:42:16 by Gunnar Peterson in 1 Raindrop
...attackers *do* evolve. The new technologies provide far greater attack surface (data, method and channels) for the attacker's to exploit and/or launch attacks from Because the defenses have not evolved its a simple evolutionary adaptation for attackers to go around or through the 1995 defenses. Its not about SOAP going through the...
 
Tags: security, information security, faith based security, security issues asp, asp, security issues, security architecture, ws-security, security architectures
 
 
 
 
Expand article

How effective is the wisdom of crowds as a security mechanism?

2007-12-21 15:26:10 by Tyler Moore in Light Blue Touchpaper
 
...attackers Not so fast. We studied the submission and voting records of PhishTanks users, and our results are published in a paper appearing at Financial Crypto next month. It turns out that participation is very skewed. While PhishTank has several thousand registered users, a small core of around 25 moderators perform the bulk of the work,...
 
Tags: phishtank, phishtank compare, leaves phishtank, users, phishtanks users, vote maliciously, vote, active users, urls
 
 
 
 
Expand article

Recent Symantec and IBM vulnerabilities, giblets, banned APIs and the SDL

2008-01-04 23:37:00 by sdl in The Security Development Lifecycle
 
...attackers are going. As the SDL hardens Microsoft products, we are seeing attackers move elsewhere Third, I like to think about how the SDL might have caught the bugs. There is always a chance to learn from these occurrences, and we sometimes make tweaks to the SDL after vulnerabilities are discovered on other platforms or third-party code....
 
Tags: linker sdl requirements, sdl requirements, ibm, sdl, requirements, symantec, bugs affect ibm, bugs, sdl refers
 
 
 
 
Expand article

My 2008 Security Predictions!

2008-01-09 15:42:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...attackers. The implications of this are pretty horrifying Major utility/SCADA hack = no (not yet). Everybody predicts this one forever (as Rich mentions ), but I am guessing we would need to wait another year or so for this Cyber-terrorism = no (again, not yet!) Will it be a reality in the future? You bet! Just not now A massive data theft to...
 
Tags: security, security predictions, broader information security, information security, smb security, virtual security appliances, security market, security solutions, security software
 
 
 
 
Expand article

OmniAmerican Bank targeted by cyber criminals

The Article has images
2008-01-28 11:26:35 by Evan Francen in The Breach Blog
...attackers go unnoticed and why would skilled attackers stop at "fewer than 100 accounts" before calling attention to themselves If you look at the sophistication of it -- going in, modifying PINs, issuing cards -- this is not a kid out there," he said. "This appears to be something set up. Time was involved in executing it Whoever they are,...
 
Tags: omniamerican bank, bank, omniamerican bank systems, omniamerican, internal, internal bank systems, debit cards, cards, bank employees