SecurityRatty: tag: co-tenants

PCI Co and ASVs

2008-03-21 23:53:00 by Random InfoSec Guy in Security Coin

Talking of PCI SSC - We all know VISA has been the biggest contributer to the cause so far and has donated loads of time and IP towards PCI - which has been adopted by PCI Co - but what neither VISA nor PCI Co have been able to successfully do so far - is to monitor the ASVs / QSAs to do their jobs correctly. Meaning QSAs should not be allowed...

Tags: xss, xss flaws, xss vulnerabilities, pci, site, cross-site, pci ssc, site-specific, xss attacks

Security appliance spells success for The Washington Post Co.

2008-02-15 00:00:00 by HASH0x8b22bc4 in Network World on Security

When The Washington Post Co. went looking for a way to add additional security to its Oracle and SQL Server databases, it found that good monitoring tools were few and far between Fundamental Principles of Network Security Advertisement Protect the organization. Learn the 'Need To Know' aspects of network security. Free paper from APC

Tags: network security, washington post, sql server databases, additional security, free paper, fundamental principles, apc, advertisement, tools

Snooping into a co-worker's e-mail? You could be arrested

2008-08-03 00:00:00 by HASH0x8b4b8c0 in Network World on Security

Ever pass by a co-worker's unattended computer and consider taking a peek at her e-mails? Or have you ever thought it would be a funny prank to figure out your cube mate's e-mail password and break into his work account to mess with him

Tags: funny prank, co-worker, e-mail password, cube, figure, e-mails, pass, account, peek

Phishing Tactics Evolving

2008-04-21 11:18:17 by HASH0x85bed5c in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

Malware authors, phishers and spammers have been actively consolidating for the past couple of years, and until they figure out to to vertically integrate and limit the participation of other pa rties in their activities, this development will continue to remain so. Malware infected hosts are not getting used as stepping stones these days, for...

Tags: halifax-online, halifax, mem binformslogin, user, user-142o3ds, web application vulnerabilities, mem binhalifax loginformslogin, vulnerable sites, turkish defacement

Compromised Web Servers Serving Fake Flash Players

2008-08-05 14:50:04 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

The tactic of abusing web servers whose vulnerable web applications allow a malicious attacker to locally host a malicious campaign is nothing new. In fact, malicious attackers have been building so much confidence in this risk-forwarding process of hosting their campaigns, that they would start actively spamming the links residing within...

Tags: file, html file, html, comtopnews, detopnews, windows media player, player, web, real player exploit

Davidson Companies illegal network intrusion exposes clients

2008-02-01 14:51:54 by Evan Francen in The Breach Blog

Technorati Tag: Security Breach Date Reported 1/30/08 Organization Davidson Companies Davidson Companies is a financial services holding company based in Montana. It includes D.A. Davidson & Co., an investment firm; Davidson Investment Advisors, a money management firm; Davidson Trust Co., a wealth management and trust company; Davidson Fixed...

Tags: davidson, clients, davidson companies president, davidson companies clients, sensitive personal information, davidson login page, personal information, davidson companies, davidson trust

How to protect your company and employees from workplace violence

2008-02-25 00:03:00 by John Sexton in The Bullet Proof Blog

Q: We have an employee who has made a series of threats to co-workers. He boasts about having a gun. We are considering terminating his employment. What should we do A: Employers have a duty to provide a safe workplace for their employees. While you seem to have reasonable grounds to suspend or terminate this person, you must at the same time...

Tags: workplace, workplace violence, safe workplace, workplace violence start, violence, violence includes threats, violence incident, employees, threats

Two stolen Saks Incorporated laptops contained sensitive information

2008-05-11 21:28:38 by Evan Francen in The Breach Blog

Technorati Tag: Security Breach Date Reported 4/30/08 Organization Saks Incorporated Contractor/Consultant/Branch None Victims Customers Number Affected Unknown According to the New Hampshire State Attorney General breach notification there were 163 persons affected who reside in the state of New Hampshire Types of Data Name, address,...

Tags: saks, laptops, information, andor saks, company laptops, personal information, breach description, breach, credit card account

Your 419 Mail Roundup

2008-07-02 17:11:42 by Christopher Boyd in SpywareGuide Greynets Blog

A handful of scam mails currently in circulation, including one mention of "groundnut oil" that seems so bizarre I had to highlight it in bold text. All this and more, after the jump Subject FROM THE DESK OF MR. STEVEN JAMES From Steven James Date Mon, 30 Jun 2008 19:17:03 +0100 BCC FROM THE DESK OF MR. STEVEN JAMES CHAIRMAN INTERNATIONAL...

Tags: hamilton fund, hamilton, hamilton creek, draft, confirmable bank draft, account, domiciliary bank account, bank, hamilton funds

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo