SEARCH RESULTS
 
Showing 1-10 of 20 records
 
Rich Mogull does his best Stiennon imitation, says GRC is dead

2008-05-14 22:12:24 by HASH0x8b54f78 in StillSecure, After All These Years
...iceberg for the entire mountain of ice that is under the water and not as easily seen. The reports and dashboards of GRC products represent the by-product of much of the real work and value they bring not just to the "C" level but to the security practitioner who is tasked with ensuring compliance as well. I am seeing the compliance workload...
 
 
 
 
 
A Diverse Portfolio of Fake Security Software

2007-12-07 15:16:07 by HASH0x89688e0 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...iceberg in this ongoing practice of distributing spyware and malware under the shadow of software that's positioned as anti-spyware and anti-malware one. The domain farm of fake security software which I'll assess in this post is worth discussing due to the size of its portfolio, how they've spread the scammy ecosystem on different networks,...
 
 
 
 
 
Stolen UK Ministry of Defence laptop affects up to 600,000

2008-01-20 14:51:19 by Evan Francen in The Breach Blog
...iceberg, as this latest case was leaked into the public domain, and would have been covered up otherwise. That the Government should be trying to con us into placing all our vital information onto a central database, linked to an id card, doesn't bear thinking about.", Daniel Fernandez, UK Commentary A common theme in the news stories that...
 
 
 
 
 
Uncovering a MSN Social Engineering Scam

2008-02-20 14:56:53 by HASH0x8b28420 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...iceberg, however it's a good example of a basic social engineering technique, the one with the basic promise. The scam's pitch Quickly and easily learn who blocked you on MSN. The longly awaited feature for MSN Messenger, completely for free! Please input your MSN Messenger account information to learn who has blocked you. Our system will...
 
 
 
 
 
What if Diebold was bought out by Steve Wynn or Donald Trump?

2008-03-27 02:41:03 by Scott in Scott Wright's Security Views
 
Sadly, some electronic voting machine manufacturers in the USA have been getting some bad press regarding their machines' alleged accuracy issues. Martin McKeay put up this post with a mock news video about electronic voting machine risks the other day (click HERE). This could be just the tip of the iceberg. Maybe we could all
 
 
 
 
 
The Tip of the Facebook Exploit Iceberg

2008-03-27 19:22:05 by Editor in Digg / Security
 
Remember the Paris Hilton exposure? This describes in great detail the security and privacy issues with Facebook
 
 
 
 
 
SDL and the OWASP Top Ten

2008-05-01 15:46:00 by sdl in The Security Development Lifecycle
 
...iceberg. Let's look at what OWASP considers to be the Top Ten list of the most important web application security issues 1. Cross-Site Scripting 2. Injection Flaws 3. Malicious File Execution 4. Insecure Direct Object Reference 5. Cross Site Request Forgery 6. Information Leakage and Improper Error Handling 7. Broken Authentication and Session...
 
 
 
 
 
Just the tip of the CyberCrime Iceberg

2008-05-07 16:19:23 by Doug Woodall in The Spyware Biz Blog
 
I do believe the Finjan company and its staff deserve a Holiday named after them clipped from www.finjan.com Finjan Discovers Compromised Business & Customer Data of 40 Top-tier Global Businesses Finjan Inc., a leader in secure web gateway products, today announced its discovery of a server controlled by hackers (Crimeserver) containing...
 
 
 
 
 
How Secure is Secure?

2008-05-08 16:46:00 by sdl in The Security Development Lifecycle
 
...iceberg As I said above in my comments on EALs, the amount of time required by anyone reviewing a product to assess security is relevant since security review can be a very time and resource intensive activity. However, running static code analysis tools, verifying build tools and switches, searching for banned APIs, and recording the...