SecurityRatty: tag: for-fee

Army Orders Pain Ray Trucks; New Report Shows 'Potential for Death'

2008-10-10 15:17:00 by David Hambling in Wired Security

After years of testing, the Active Denial System -- the pain ray which drives off rioters with a microwave-like beam -- could finally have its day. The Army is buying five of the truck-mounted systems for $25 million. But the energy weapon may face new hurdles, before it's shipped off to the battlefield; a new report details how the supposedly...

Tags: pain ray, supposedly non-lethal blaster, active denial system, army, microwave-like beam, energy weapon, report details, rioters, killer

Exploit code loose for six-month-old Windows bug

2008-10-10 04:00:00 by Editor in Computerworld Security News

Microsoft has acknowledged that exploit code is circulating for a still-unpatched vulnerability it first reported six months ago. But it's not clear when, or if, it plans to release a patch

Tags: exploit code, months ago, plans, vulnerability, release, patch, microsoft

New Tool For Graphics Cards Threaten Wireless Networks Encryption

2008-10-10 23:19:36 by CyberInsecure in CyberInsecure.com

Russian firm ElcomSoft has applied GPU acceleration technology to a new password recovery tool that allows PCs or servers running supported NVIDIA video cards to break Wi-Fi encryption up to 100 times faster than is possible by using conventional microprocessors. Recovery times for Wi-Fi keys are increased by a factor between 10 to 15 in

Tags: nvidia video cards, password recovery tool, gpu acceleration technology, russian firm elcomsoft, conventional microprocessors, times faster, recovery times, wi-fi keys, wi-fi encryption

Expanding Response: Deeper Analysis for Incident Handlers

2008-10-10 08:38:00 by Russ McRee in HolisticInfoSec.org

To achieve my GCIH Gold, I recently completed a paper called Expanding Response: Deeper Analysis for Incident Handlers , now available in the SANS Reading Room . The premise was to further expand on the topics discussed in my Malware analysis tools post. This paper includes tools discussed at various times in my toolsmith column in the ISSA...

Tags: network, paper includes tools, incident handlers, network capture, deeper analysis, paper, gcih gold, includes details, pcap files

Data Mining for Terrorists Doesn't Work

2008-10-10 06:35:43 by schneier in Schneier on Security

According to a massive report from the National Research Council, data mining for terrorists doesn't work. Here's a good summary: The report was written by a committee whose members include William Perry, a professor at Stanford University; Charles Vest, the former president of MIT; W. Earl Boebert, a retired senior scientist at Sandia National...

Tags: data, synthetic population data, terrorists, program, program enters, research scientist, research, protect, microsoft research

Model Validation - Not Just for Quants

2006-12-26 05:10:00 by Jomni in Risk Management Quant

In an article recently published in the ERisk Monthly Newsletter , it is stated that model validation is not a purely quantitative endeavor. Below is a quote from the article Model validation is often thought of as a rather technical and mathematical exercise. However, bank losses from model risk are often caused by poor governance of the...

Tags: model validation, bank, senior bank executives, compliance, regulatory compliance reasons, purely quantitative endeavor, bank losses, poor, article recently

Security Policy Considerations for the Junk FAX Prevention Act

2007-12-27 08:56:05 by Editor in Information Security Policy Whitepapers

New FCC rules for the Junk Fax Prevention Act of 2005 have changed the way organizations must handle outbound customer communications via FAX technology. In this article we look at the main provisions of the recent ruling and suggest some audits of your information security policies that may help reduce the risk of violating the new FAX...

Tags: information security policies, fax requirements, fcc rules, main provisions, fax technology, audits, organizations, article, recent

The Return on Investment for Securing Information

2007-08-13 00:00:00 by Sean Kline in Speaking of Security, the RSA Blog and Podcast

There have been quite a few blogs written about the Return on Investment (ROI) of security. Amrit Williams has several links in his recent discussion of the topic. This reminds me of some work that I did with BearingPoint on the ROI of a Services-Oriented Architecture (SOA), a similarly challenging area in which to quantify value. The framework...

Tags: traditional roi metrics, roi, strategic drivers, distribution channels, difficulty, investment, risk reduction, return, business initiative

Will the recent cyber attacks on Estonia be a wake up call for European and U.S. leaders?

2007-07-02 00:00:00 by Shannon Kellogg in Speaking of Security, the RSA Blog and Podcast

Will the recent cyber attacks on Estonia be a wake up call for European and U.S. leaders? According to a Reuters story on Friday, June 30th, the answer is apparently yes at least on the other side of the Atlantic Ocean. What about the U.S

Tags: recent cyber attacks, leaders, reuters story, atlantic ocean, estonia, june 30th, call, european, apparently

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo