SEARCH RESULTS
 
Showing 1-10 of 149 records
 
Expand article

House committee issues report and finds fault with TSA web site

The Article has images
2008-01-15 09:35:53 by Evan Francen in The Breach Blog
...Lead on the website project and acted as the point of contact with the contractor had an apparent conflict of interest. He was a former employee of Desyne Web Services and regularly socialized with Desynes owner TSA did not detect the websites security weaknesses for months The redress website was launched on October 6, 2006, and was not...
 
Tags: tsa, website, website contract, traveler redress website, tsa moved quickly, security breach, information security breach, security vulnerabilities, multiple security vulnerabilities
 
 
 
 
Expand article

Diminutive XSS Worm Contest Drama and Status Update

2008-01-06 17:34:38 by RSnake in ha.ckers.org web application security lab
 
...lead to previously non-published/understood results about worm propagation (Im confident, because its already yielded some various interesting problems that we have had to clarify using rules that I didnt even think would come up). And Im also confident that this will lead to ways in which we can protect ourselves from them - not today,...
 
Tags: browser companies, browser, browser security arena, code, people visit, people, worm code, diminutive xss worm, xss worm
 
 
 
 
Expand article

What should done about employees stealing in the workplace?

2008-02-21 05:25:00 by John Sexton in The Bullet Proof Blog
 
...lead guilty and received a jail sentence Not all clients will want to go to that extent and many have no intentions of prosecuting an employee. It is still a good idea to pursue a dishonest employee and gather evidence that they are stealing or conducting illegal activities on the company property. The benefits of such an investigation are...
 
Tags: business owner, local business owner, owner, truck, company truck, company, investigation company, investigator video taped, investigator
 
 
 
 
Expand article

Mecklenburg County (NC) account numbers in the trunk

The Article has images
2008-02-26 16:28:38 by Evan Francen in The Breach Blog
...lead to identity theft and/or fraud. Experienced and educated thieves will use one piece of data to obtain other pieces of data which will in turn lead to a complete identity theft profile. This is probably not the case here however Any of the 400 victims should alert their banks and the credit agencies The county sent a letter to everyone...
 
Tags: county, mecklenburg county, information confidentiality, information, sensitive personal information, account, sensitive information, county official, evan account
 
 
 
 
Expand article

What type of security do I need in my Virtual Network?

The Article has images
2008-02-24 14:18:29 by John Peterson in Security In The Virtual World
...lead you to believe that you don't need various types of security products in your virtual environment. They would also lead you to believe that you only need their solution. In fact, they all compete against each other to some extent I'm sure if you were to ask Reflex who their competitors were, they would tell you Blue Lane and Catbird, or...
 
Tags: security, switch, virtual switch, security switch, comprehensive security solution, comprehensive, solution, reflex, reflex security
 
 
 
 
Expand article

Bankers: Welcome to Our World

The Article has images
2008-05-24 01:32:00 by Richard Bejtlich in TaoSecurity
...leads to the illusion that you can quantify all risks and therefore regulate them. The degree of dislocation in the CDO market has shown how hard it is to quantify risk on these products Models still have their place: optimists expect them to be greatly improved now that a big crisis has helpfully provided loads of new data on stressed...
 
Tags: risk management, improve risk management, risk, risk chief, risk system, risk managers lies, market risk, risk-management toolkit, credit risk
 
 
 
 
Expand article

What type of security do I need in my Virtual Network?

The Article has images
2008-02-24 14:18:29 by John Peterson in Security In The Virtual World
...lead you to believe that you don't need various types of security products in your virtual environment. They would also lead you to believe that you only need their solution. In fact, they all compete against each other to some extent I'm sure if you were to ask Reflex who their competitors were, they would tell you Blue Lane and Catbird, or...
 
Tags: security, switch, virtual switch, security switch, comprehensive security solution, comprehensive, solution, reflex, reflex security
 
 
 
 
Expand article

Misconceptions about outsourcing security

2007-12-13 14:05:54 by Khalid Kark in Security & Risk Management
 
...lead to lower costs. In fact many companies end up spending more in the outsourcing scenario. They are willing to pay a higher cost because they gain competencies and get additional capabilities such as 24x7 monitoring or compliance reporting Outsourcing security means transferring risk. You can transfer the responsibility but not the...
 
Tags: security processes, establish security processes, security, processes, security controls, security managers cost, cost, security operations, security services
 
 
 
 
Expand article

On virtualisation

2007-05-29 16:20:00 by Niels Provos in Google Online Security Blog
 
...lead to an attacker compromising the virtual machine process. While you would typically require root (or equivalent) privileges in the guest to interact with a device at the low level required, device drivers will often offload the parameter checking required onto the hardware, so in theory an unprivileged attacker could be able to access...
 
Tags: machine, virtual machine process, virtual machine software, host machine, host, software, virtual machine, low, low level access
 
 
 
 
Expand article