SEARCH RESULTS
 
Showing 1-10 of 45 records
 

Who's Selling Front-Running Data?

2008-01-18 11:15:55 by Editor in Cheap Hack
 
...explanation for why they engage in front-running in order to protect against it, Network Solutions says: "Front Runners may get access to these searches through Internet Service Providers, Spyware, or registries." I asked Network Solutions if they had any evidence to back this statement up or if it was just speculation. Personally, I've...
 
 
 
 
 

Why Is ISO2700x Hot in UK, but Not in US?

2008-05-16 11:36:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...explanation is that every security manager worth his salt read ISO17799 documents and then used the ideas and material in his own policies, procedures, etc. On the other hand, he sees no motivation whatsoever to invest in certification - since nobody is making him do it (no equivalent of a PCI auditor is standing nearby with a big axe). Another...
 
 
 
 
 

A Question of Integrity: To MD5 or Not to MD5

2008-06-25 19:50:57 by Craig Balding in Cloud Security
 
...explanation We've isolated this issue to a single load balancer that was brought into service at 10:55pm PDT on Friday, 6/20. It was taken out of service at 11am PDT Sunday, 6/22. While it was in service it handled a small fraction of Amazon S3's total requests in the US. Intermittently, under load, it was corrupting single bytes in the byte...
 
 
 
 
 

268,000 donors exposed through stolen Memorial Blood Centers laptop

2007-12-06 14:09:42 by Evan Francen in The Breach Blog
...explanation. Why on earth does the Memorial Blood Centers need to collect Social Security numbers as part of their blood collection process? I assume that they use Social Security numbers as identifiers, which everyone should know is a "no-no" unless it's required by law. I'm no lawyer, so is it required by law? Let's say for a second that...
 
 
 
 
 

Duke School of Law breach affects 3,200

2007-12-06 11:37:20 by Evan Francen in The Breach Blog
...explanation of what occurred is clear, Duke's response is clear, and what they plan to do is clear. I am impressed. Now, what I am not impressed about is the decision to store confidential information on a web server. More often than not, this is bad news. Common information security practice is to place publicly accessible servers in a DMZ,...
 
 
 
 
 

Factoring News

2007-06-04 13:00:00 by Burt Kaliski in Speaking of Security, the RSA Blog and Podcast
 
...explanation of the recent factorization of the 1039th Mersenne number. I've added just a few comments on his recent blog entry, which I've said is otherwise "faultless" (continuing an earthquake metaphor introduced at the conclusion of his post). Mersenne numbers, because of their special form, are especially shaky. They fall much more quickly...
 
 
 
 
 

Skype Clarifies: The Bug Has Been Fixed

2007-08-22 12:54:28 by Editor in Cheap Hack
 
...explanation of the reboot outage did not say that the bug had in fact been fixed. I took that as implying that it hadn't. Now it says that it has. In a second blog on the subject, Skype is explicit: Yes, the bug has been squashed. The parameters of the P2P network have been tuned to be smarter about how similar situations should be handled....
 
 
 
 
 

Pushdo - Web Based Malware as Usual

2007-12-19 18:01:44 by HASH0x89b80bc in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...explanation of the GET variables, however, such descriptive use of POST variables to a malware's C&C server have been around for the last couple of years. What has logically changed is the added layer of obfuscation and complexity to make it hard to assess what does such a URL actually mean. The malware to be downloaded by Pushdo depends on...
 
 
 
 
 

Making Threat M