SecurityRatty: tag: double-take

XSF & XSS: Double your pleasure, double your fun

2008-09-21 21:00:00 by Russ McRee in HolisticInfoSec.org

If you've read this blog, or those of my peers, you're likely quite familiar with cross-site scripting, and the problems associated with open redirect vulnerabilities. A vulnerability you may be less familiar with is cross-site framing , which largely couples the best of both above-mentioned vulnerabilities What then, if there's a cross-site...

Tags: openhire code, openhire, original openhire cross-site, scottrade site, scottrade, cross-site, site, secure code, code

Holiday spirit helped double Storm worm

2008-01-11 00:00:00 by Robert McMillan in Network World on Security

Some clever, sexy Christmas-themed spam and a long holiday season helped the criminals behind the notorious Storm Worm more than double their network of infected PCs over the past few weeks, security experts say

Tags: notorious storm worm, security experts, double, holiday season, network, clever, spam, criminals, past

Pennsylvania Department of Aging seniors affected by stolen laptop

2008-01-03 17:18:52 by Evan Francen in The Breach Blog

Technorati Tag: Security Breach Date Reported 12/19/07 Organization State of Pennsylvania Contractor/Consultant/Branch Department of Aging Victims Pennsylvania senior citizens Number Affected 21,000 Types of Data Names, addresses, Social Security numbers, medical information and list of services received from the state Breach Description...

Tags: pennsylvania, pennsylvania department, department, sensitive personal information, personal information, information, computer, laptop computer, medical information

Consumer Reports on Aviation Security and the TSA

2008-01-10 13:58:40 by schneier in Schneier on Security

It's not on their website yet, and you'd have to pay to read it in any case, but the February 2008 issue of Consumer Reports has an article on aviation security. Much of it you've all heard before, but there are some new bits: Larry Tortorich, a TSA training officer and former representative to the Joint Terrorism Task Force who retired in 2006,...

Tags: security, aviation security, security consultancy, doors, double doors, door, consumer reports, secure door, cockpit doors

Making Risk Measures Agree with Accounting 100%

2006-12-26 05:27:00 by Jomni in Risk Management Quant

In my consulting experience, there are clients that use risk software to compliment financial reporting (accounting). Instead of being used solely by the risk department, even financial controllers use it. This is due to the current trend of making financial reporting reflective of the firm's economic value based on the risks it is taking ( IAS...

Tags: risk, risk software, software, risk measurement, values, exact market values, exact, exact cent, cent

Automating web application security testing

2007-07-16 11:40:00 by Panayiotis Mavrommatis in Google Online Security Blog

Posted by Srinath Anantharaju, Security Team Cross-site scripting (aka XSS) is the term used to describe a class of security vulnerabilities in web applications. An attacker can inject malicious scripts to perform unauthorized actions in the context of the victim's web session. Any web application that serves documents that include data from...

Tags: web application, application, input, input parameters, accepts user input, xss, xss vulnerabilities, security, security team check

138 Million Domains

2007-08-29 21:28:19 by Editor in Cheap Hack

VeriSign's August Domain Name Industry Brief , as always, shows big growth in domain registrations to a worldwide total of more than 138 million. ccTLDs, such as .uk and .de, were responsible for a large chunk of the growth this time, almost 6 million domains. .com and .net, the VeriSign domains, grew more than that, but not a lot more. .cn...

Tags: domains, million domains, net domains, million, domain registrations, domain, growth, huge growth, verisign domains

Recession brings a downturn in security spending and jobs

2008-02-13 10:58:30 by Khalid Kark in Security & Risk Management

Many financial indicators are pointing to a looming global recession. This means that companies will be tightening their belts and drastically cutting down on their discretionary spending. What does this mean for information security industry? And what can CISOs do to recession proof their security programs This means leaner security...

Tags: security, information security, information security professionals, businesses, security businesses, fund security projects, real security folk, information security industry, security budgets

Open up that Wireless Network!

2008-01-10 06:39:47 by Bill in Grumpy Security Guy

I love when Bruce and I agree, it makes me feel smarter then I am. I have had a wireless network in my house for about 5 years. Never once has it had any kind of encryption or security. When I setup my neighbors wireless I leave it wide open as well. The crazy foil hat wearing guy in my skull freaks out every time I do this. I was shocked when I...

Tags: security, security neighborhood, wireless network, grumpy security guy, guy, mysterious wireless driver, bruce schneier, million, techcrunch article outlines

IBM boosts performance, energy efficiency of new mainframe

2008-02-26 00:00:00 by

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo