SEARCH RESULTS
 
Showing 1-10 of 81 records
 
NSA's Domestic Spying

2008-03-26 06:02:18 by schneier in Schneier on Security
 
...familiar with the data-sifting efforts said they work by starting with some sort of lead, like a phone number or Internet address. In partnership with the FBI, the systems then can track all domestic and foreign transactions of people associated with that item -- and then the people who associated with them, and so on, casting a gradually...
 
 
 
 
 
RSA 2008 - A Theme Identified: Guitar Hero

2008-04-08 05:53:28 by jrjones in Jeff Jones Security Blog
...familiar brands and we meandered over by the Microsoft booth, where I ran into Kai Axford, Austin Wilson and a bunch of other Microsoft folks. After a bit of smalltalk, I set out to accomplish my goals for the evening: enjoy the free food and drinks; work on identifying the common "theme" for RSA this year. Shortly later, as I'm walking by a...
 
 
 
 
 
U.S. Arms Dealer Tests Legal Bounds in Middle East Arms Bazaar

2008-07-03 22:00:00 by Sharon Weinberger in Wired Security
...familiar with arms sales, is that it's no longer clear what's legal and what's not. Rachel Stohl, an expert on international arms trade and a senior analyst at Center for Defense Information, says that in many ways, the rush to equip Iraq has led the United States to throw caution to the wind. She points to a report by the Government...
 
 
 
 
 
"Walking" with the SDL - Part 3

2008-07-23 16:43:00 by sdl in The Security Development Lifecycle
 
...familiar with them over multiple releases. I would like to touch on one topic before moving on: enforcing requirements. As your team grows and your SDL matures, there is an inherent complexity that comes with managing and enforcing your requirements. In our experience, we've found that it is critical to identify a security advisor. Up until now,...
 
 
 
 
 
XSF & XSS: Double your pleasure, double your fun

2008-09-21 21:00:00 by Russ McRee in HolisticInfoSec.org
...familiar with cross-site scripting, and the problems associated with open redirect vulnerabilities. A vulnerability you may be less familiar with is cross-site framing, which largely couples the best of both above-mentioned vulnerabilities. What then, if there's a cross-site framing vulnerability coupled with cross-site scripting in the...
 
 
 
 
 
Open Redirects and Common Weakness Enumeration

2008-10-16 14:58:00 by Russ McRee in HolisticInfoSec.org
 
...familiar with CVE (Common Vulnerabilities and Exposures), but perhaps you're less familiar with CWE (Common Weaknesses Enumeration). Both are significant efforts, international in scope, and the excellent products of The MITRE Corporation, sponsored by the National Cyber Security Division of the U.S. Department of Homeland Security...
 
 
 
 
 
KimsCrafts e-commerce breach affects 4,500

2007-12-14 16:08:39 by Evan Francen in The Breach Blog
...familiar with the Open Web Application Security Project (OWASP). Only store the information that is absolutely necessary to retain. If you can run your e-commerce site effectively without storing credit card data, then don't. Segment your web application/server from your database/server and apply separate network and operating system controls. Run...
 
 
 
 
 
Pets, Weddings, and Identity Theft

2006-12-13 00:00:00 by Ari Juels in Speaking of Security, the RSA Blog and Podcast
 
...familiar to many of us--support a form of emergency authentication. When you lose or forget your password, the Web site prompts you to answer one or more of the life questions you have registered
 
 
 
 
 
Diminutive XSS Worm Replication Contest

2008-01-04 16:28:08 by RSnake in ha.ckers.org web application security lab
 
...familiar with the RSA diminutive munitions project from ages ago, back when it was illegal to export certain crypto systems, and the diminutive PERL contests. I've enacted a similar contest to write a diminutive self replicating XSS worm (with a non-dangerous payload). The diminutive XSS worm replication contest is a week long contest to get...
 
 
 
 
 
Inside the Chinese Underground Economy
