SEARCH RESULTS
 
Showing 1-10 of 94 records
 
Expand article

Malware Serving Exploits Embedded Sites as Usual

The Article has images
2008-01-09 18:04:58 by HASH0x8957398 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...combination of the recent RealPlayer exploit and MDAC is a fad, but the very same is getting embraced in the short-term by malicious parties in China that have also started combining the Internet Explorer VML Download and Execute Exploit (MS07-004), thanks to recent localized forum postings on modifying the third exploit. Let's assess several...
 
Tags: htm, load uc147, uc147, loads 8v8, 8v8, load 8v8, iframes, recent realplayer exploit, secondary iframes
 
 
 
 
Expand article

TRICARE breach affects 4,700 households

The Article has images
2007-12-20 12:15:59 by Evan Francen in The Breach Blog
...combination of factors? I will assume it was a combination of factors On the one hand, I commend EDS for disclosing the breach to TRICARE, but on the other hand I am concerned about how long this problem may have gone un-noticed. Web applications acquiring, processing, accessing, storing or interacting with sensitive information in any...
 
Tags: tricare, information, personal information, code review, by-line code review, information security, tricare beneficiaries, beneficiaries, breach
 
 
 
 
Expand article

Combating Unrestricted Warfare

The Article has images
2007-12-15 09:08:23 by HASH0x8472308 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...combination of Sun Tzu's 3D perspective on warfare in combination with guerilla approaches to achieve one of Sun Tzu's most insightful quotes - " One hundred victories in one hundred battles is not the most skillful. Seizing the enemy without fighting is the most skillful. " Here's a summary of the study Two senior PLA Air Force colonels...
 
Tags: chinese information warfare, information, information warfare, warfare, cyber warfare unit, cyber warfare, asymmetric warfare, unconventional warfare, warfare employs surprise
 
 
 
 
Expand article

Injecting IFRAMEs by Abusing Input Validation

The Article has images
2008-03-07 15:53:50 by HASH0x8bac8b8 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...combination with a site's SEO practice of caching pages with the injected input in the form of a keyword and the IFRAME, is what we've been seeing during the week Input validation refers to the process of validating all the input to an application before using it. Input validation is absolutely critical to application security, and most...
 
Tags: input validation, input validation checks, plan input validation, input, input validation refers, input validation flaw, iframes, iframe, iframe attack
 
 
 
 
Expand article

Laptop stolen from R.E. Moulton may affect 19,000

The Article has images
2008-06-15 22:15:45 by Evan Francen in The Breach Blog
...combination with social security numbers Breach Description A laptop computer containing sensitive personal information belonging to approximately 19,000 individuals was stolen from the Irving, Texas offices of R.E. Moulton on or around March 7th, 2008 Reference URL New Hampshire State Attorney General breach notification Report Credit The...
 
Tags: sensitive personal information, personal information, information, information security practices, confidential information, information security, moulton, laptop, information security personnel
 
 
 
 
Expand article

Messaging and Event Processing

2008-07-13 09:02:47 by Tim Bass in The Complex Event Processing Blog
 
...combination of both asynchronous and synchronous messaging To understand event processing I recommend you turn to network management and the practical use of Simple Network Management Protocol (SMNP) for a basic undertanding of event processing. SNMP uses both synchronous event-based messaging, called polling, and asynchronous messaging,...
 
Tags: event, smtp event-object, event-object, cyber event-objects, snmp event-object, snmp, event bus, event-objects, event transport
 
 
 
 
Expand article

Bubblicious

The Article has images
2008-07-15 21:26:02 by Gunnar Peterson in 1 Raindrop
...combination, you always get in trouble until you learn not to allow the mixture. So also, in the American banking system So Munger identified this volatile combination about 17 years ago at least. In the same letter Warren Buffett added A few small sections of Mr. Munger's letter have been excluded: When Berkshire's report exceeds 72 pages,...
 
Tags: bad, widespread bad loans, letter, charlie munger, charlie, system, social proof, munger, volatile combination
 
 
 
 
Expand article

HP's NAC- What I've Been Wanting to Tell You (but couldn't)

2008-07-22 22:29:11 by JJ in Security Uncorked
 
...combination Im sure everyone will have their own opinion - I happen to be in Group 3. Why? Because HP has taken the power of their servers, leveraged a very solid endpoint management tool and incorporated a variety of other management and security features by way of their identity management solution The endpoint security . StillSecures Safe...
 
Tags: nac, integration, tnctcg integration frameworks, nac integration, nac vendors, nac solutions-, procurve, procurve idm, nac market
 
 
 
 
Expand article

EPTS: Proposed Event Processing Definitions, September 20, 2006

2008-08-21 05:47:11 by Tim Bass in The Complex Event Processing Blog
 
...combination of event data and information from single and multiple event sources to achieve refined identity and situation estimates for observed event objects, and to achieve complete and timely assessments of opportunities, threats, and their significance. Event processing is characterized by continuous refinements of event estimates and...
 
Tags: event, event-object, business process management, process, event correlation, process refinement, simple, simple event, process events