SEARCH RESULTS
 
Showing 1-10 of 442 records
 
Crypto-Gram Tenth Anniversary Issue

2008-05-15 11:13:10 by schneier in Schneier on Security
 
...issues later, none of that has changed. I started Crypto-Gram because I had a lot to say about security, and book-length commentaries were too slow and too infrequent. Sure, I was writing the occasional column in the occasional magazine, but those were also too slow and infrequent. Crypto-Gram was supposed to be my personal voice on security,...
 
 
 
 
 
Poll: How Important is a POC When Getting Someone to Fix a Security Issue

2007-11-27 08:37:00 by Security Retentive in Security Retentive
 
...issues taken seriously. I've noticed that lots of people that work as consultants and/or inside companies have to jump through lots of hoops to get a security vulnerability taken seriously. In many cases I see people spending hours and hours crafting a working proof-of-concept exploit for a vulnerability and needing to actually demonstrate...
 
 
 
 
 
Dual-Use Technologies and the Equities Issue

2008-05-06 05:17:24 by schneier in Schneier on Security
 
...issue," and it can be summarized as follows: When a military discovers a vulnerability in a dual-use technology, they can do one of two things. They can alert the manufacturer and fix the vulnerability, thereby protecting both the good guys and the bad guys. Or they can keep quiet about the vulnerability and not tell anyone, thereby leaving...
 
 
 
 
 
Open redirect vulnerabilities article - (IN)SECURE Issue 17

2008-06-26 10:18:00 by Russ McRee in HolisticInfoSec.org
...Issue 17 of (IN)SECURE Magazine. Page 43 for your reading pleasure. An open redirect is a vulnerability that exists when a script allows redirection to an external site by directly calling a specific URL in an unfiltered, unmanaged fashion, which could be used to redirect victims to unintended malicious web sites. This issue is a giant pet...
 
 
 
 
 
Network World Focus on Security in 3/17/08 issue

2008-03-18 17:22:36 by John Peterson in Security In The Virtual World
...issue that talk about the security challenges in the virtual environment. I suggest everyone interested in the topic take a read. After reading the articles, I did want to put out a short blog today to bring clarity to some of the vendor hype and mis-information that has been floating around lately. I've heard many people say that Reflex, Blue...
 
 
 
 
 
'The' DNS Issue of 2008

2008-07-10 02:54:02 by JJ in Security Uncorked
 
...issue. The bug was found earlier this year, but the discoverer (Dan Kaminsky) and team worked fervently with leaders of the technology industry to create patches for all platforms before the big announcement. And - kudos to them all for keeping zipped lips until the problem could be contained (despite all the heckling and harassing You can...
 
 
 
 
 
Issue That Virtually Everybody and Their Dog Is Confused About

2008-07-10 12:34:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...issue that everybody and their dog (and, likely, their dog's fleas :-)) is confused about. What does PCI DSS Requirement 2.2.1 ("Implement only one primary function per server (for example, web servers, database servers, and DNS should be implemented on separate servers)") mean in virtualized environments? Is it "one function per VM instance"...