SEARCH RESULTS
 
Showing 1-10 of 44 records
 
Expand article

Redmond Magazine SQL Injected by Chinese Hacktivists

The Article has images
2008-05-17 12:00:40 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
Four Redmond related web properties appear to have been SQL injected by Chinese hacktivists , namely, Redmond - The Independent Voice of the Microsoft IT Community formerly known as Microsoft Certified Professional Magazine , the Redmond Developer News as well as the Redmond Channel Partner Online The lone hacktivist also left a message at the...
 
Tags: redmond, redmond developer news, chinese hacktivists, lone hacktivist, professional magazine, control bulk, malicious domain, microsoft, wrong target
 
 
 
 
Expand article

Myrcurial gets placed in the Leaders Quadrant - Gartner Days 1&2

The Article has images
2008-06-03 14:23:04 by Myrcurial in Liquidmatrix Security Digest
Gartner IT Security Summit - June 1-3, 2008 - Washington, DC Alright - call this an omnibus posting I had planned to do a better job of intra-day postings, but the schedule here is hectic and as anyone who knows me can attest, I really do work to get maximum value out of any conference that I go to Highlights here - much more detail available if...
 
Tags: security, gartner, security blogger, security conferences, security architecture, security summit, gartner analysts, food, commercial grade food
 
 
 
 
Expand article

Sometimes, It Takes a Thief to Catch a Thief

2008-06-09 17:00:00 by David Critchell, Portfolio.com in Wired Security
 
News from Portfolio.com Also on Portfolio Time for Tech to Throw Everything Into Energy Hollywood Frets Over Corruption Crackdown McCaw's Back to Remake the Wireless Landscape Subscribe to Portfolio magazine Apollo Robbins won't say whether he's ever stolen anything in his life, but it's clear he could if he wanted to. Having grown up in...
 
Tags: robbins, apollo robbins, robbins counts, 34-year-old robbins, information security protection, time, information security, full-time, security people
 
 
 
 
Expand article

Live from the 20th Annual FIRST Conference

2008-06-26 08:53:00 by Russ McRee in HolisticInfoSec.org
 
I've been at the FIRST conference in Vancouver, BC this week presenting , attending great presentations, and meeting a fantastic group of people I'd like to applaud some great presenters I've seen so far, including Par Osterberg Medina ( Detecting Intrusions ), Anton Chuvakin ( Log Analysis ), Raffael Marty ( Applied Security Visualization ),...
 
Tags: steve mancini, volatility, volatility framework, anti-virus industry sucks, total unknown, maltego, par osterberg medina, vendor agnostic solution, total
 
 
 
 
Expand article

You Are "A Security Idiot" If ...

2008-06-26 10:26:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
you Misspell both HIPAA and SOX (how the f does one misspell SOX Confuse " risks " and " threats Think that " Trojan is a vulnerability " AND " DoS is a vulnerability Quote " Insiders are 80% " without thinking for one darn second Think that a loss of " $20 million is catastrophic to any company Talk about " NIST compliance Please add your...
 
Tags: misspell sox, sox, expose fake experts, official list, misspell, list, nist compliance, vulnerability, fck
 
 
 
 
Expand article

Smells Like a Copycat SQL Injection In the Wild

The Article has images
2008-07-28 05:51:23 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
In between the massive SQL injections , that as a matter of fact remain ongoing, copycats taking advantage of the very same SQL injection tools using public search engine's indexes as a reconnaissance tools, are also starting to take advantage of localized and targeted attacks , attacking specific online communities. Among these is...
 
Tags: sql, tools, sql injection tools, massive sql injections, attacks, sql injection attacks, sql injection, massive sql injection, site sql
 
 
 
 
Expand article

Government Sent Home with a C on FISMA Report Card

2008-08-05 13:43:51 by Julia Lim in ScienceLogic
 
Too bad there is no Kaplan Test Prep equivalent for FISMA For the third year in a row, the governments overall FISMA grade improved. But dont get too excited; the grade only improved from a C- to a C this year. (And D+ in 2005 But theres a lot to hide in an average grade. Turns out that the reality is a split between overachievers and...
 
Tags: fisma average grade, average grade, fisma, grade, fisma grade, scorecard, fisma scorecard, fisma requirements, requirements
 
 
 
 
Expand article

Flying Without ID

2008-08-12 12:33:39 by schneier in Schneier on Security
 
Seems like the procedure has changed : Mr. Peters nodded, and then looked down at the sheet which I had filled out and signed. Im going to have to make some calls to verify your identity I nodded He pulled out a cell phone. I had assumed that we would be going to some separate screening room, but that wasnt the case. He stood facing the silver...
 
Tags: cell phone, phone, red marker, form, pause, indigo delta, current address, silver table, security
 
 
 
 
Expand article

RFID: Menace in the Far North

2007-01-05 00:00:00 by Ari Juels in Speaking of Security, the RSA Blog and Podcast
 
It is the first week of January, and forecasts here in Boston call for highs of almost 60 o F. In the throes of unseasonable spring fever, and with the convenience of snow-free streets, it is not easy to muster sympathy for polar bears laboring under the hardships of global warming. I know, however, that their discomfort on the northern fringes...
 
Tags: rfid, convenient rfid, boston call, boston, transit cards recently, rfid privacy, muster sympathy, snow-free streets, northern fringes