SEARCH RESULTS
 
Showing 1-10 of 131 records
 
Expand article

Expanding Response: Deeper Analysis for Incident Handlers

2008-10-10 08:38:00 by Russ McRee in HolisticInfoSec.org
 
...nature of malicious software on his network. He is in receipt of the above mentioned .exe and .pcap files and seeks to further his understanding with the use of less typical tools. She begins the process with the network capture, and then takes a closer look at the binary to see what can be learned and what the impacts of an outbreak on her...
 
Tags: network, paper includes tools, incident handlers, network capture, deeper analysis, paper, gcih gold, includes details, pcap files
 
 
 
 
Expand article

CHECKLISTS ARE NOT FOR DUMMIES, BUT THEY SURE ARE DUMB!

The Article has images
2008-06-11 13:51:33 by Alex in RiskAnalys.is
...Nature. State of Nature just means what the current state is. There are two ISSA Journals on my desk right now - State of Nature statement State of Knowledge : Analysis derived from examination of State of Nature. One of these ISSA Journals has an article co-authored Donn Parker on ROI. Ive read it, and it makes some statements he regards as...
 
Tags: checklists, article checklists, article, mmmmm-mmmmmmm checklists, nice checklists, provide analysis, provide, nature, nature statement
 
 
 
 
Expand article

Hansei and the CISO

The Article has images
2008-09-16 17:47:47 by Alex in RiskAnalys.is
...nature of that relationship? Who are you reporting to and what are their concerns? What and how are you reporting and how might that be addressing their concerns What processes are in place?, How do you know that those are the processes that should be in place? If they are, what kind of job am I doing at those processes What is the quality of...
 
Tags: risk management requires, risk management, risk, hansei, risk register, program, manage risk, manage, adrians program diagram
 
 
 
 
Expand article

HMRC loses data cartridge that affects 6,548 pensioners

The Article has images
2007-12-31 23:30:11 by Evan Francen in The Breach Blog
...nature of the medium on which the data is held. [Evan] Security through obscurity doesn't work. This is one of the oldest security fallacies in the book. Don't count on the nature of the medium to provide adequate security We are taking this loss extremely seriously and have done everything possible to locate the data cartridge. We would...
 
Tags: data, data cartridge, hmrc, lost hmrc cd, prime data, confidential data, hmrc breach, consult hmrc, hmrc encrypts
 
 
 
 
Expand article

The Fox and the Henhouse

2008-01-28 15:02:17 by Burton Group in Security and Risk Management Strategies Blog
 
...nature: one trader, responsible for plain vanilla futures hedging on European equity market indices, had taken massive fraudulent directional positions in 2007 and 2008 beyond his limited authority Three things about this sentence are worrying. First, the fraud is described as "exceptional in size and nature". The good ones always are...
 
Tags: societe generale, societe generale begins, yesterday societe generale, societe generale appears, risk management lessons, risk management, risk management personnel, plain vanilla futures, apparently
 
 
 
 
Expand article

The Fox and the Henhouse

2008-01-28 15:02:17 by Burton Group in Security and Risk Management Strategies Blog
 
...nature: one trader, responsible for plain vanilla futures hedging on European equity market indices, had taken massive fraudulent directional positions in 2007 and 2008 beyond his limited authority Three things about this sentence are worrying. First, the fraud is described as "exceptional in size and nature". The good ones always are...
 
Tags: societe generale, societe generale begins, jerome kerviel, kerviel, yesterday societe generale, apparently, bank apparently, bank, prevent kerviel
 
 
 
 
Expand article

The Impact of Dans DNS Debacle on Internet Risk

2008-07-30 08:11:30 by Burton Group in Security and Risk Management Strategies Blog
 
...nature of the attack requires the following An attacker must convince/trick a user into making a DNS request for a domain that doesnt already exist in their DNS servers cache. The expectation here is that s/he can be easily tricked into doing this Then, the attacker must simultaneously attack the DNS server by guessing the transaction ID....
 
Tags: dns servers, servers, impact, dns, dns servers cache, risk impact revolves, major dns vendors, risk, major dns vulnerability
 
 
 
 
Expand article

The Impact of Dan???s DNS Debacle on Internet Risk

2008-07-30 08:11:30 by Burton Group in Security and Risk Management Strategies Blog
 
...nature of the attack requires the following An attacker must convince/trick a user into making a DNS request for a domain that doesn???t already exist in their DNS server???s cache. The expectation here is that s/he can be easily tricked into doing this Then, the attacker must simultaneously attack the DNS server by guessing the transaction...
 
Tags: dns, impact, major dns vendors, risk impact revolves, dns servers, servers, risk, dns server implementations, major dns
 
 
 
 
Expand article

A Localized Bankers Malware Campaign

The Article has images
2008-03-25 14:59:06 by HASH0x8b6136c in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...nature of the campaign , and the use of a Russian free web space provider as a hosting provider for the malware Now on the cyber deception issue. Basically, you have a malware campaign targeting Portuguese speaking end users, that's been emailed using Brazilian mail servers through a set of hardcoded and already breached local email acounts,...
 
Tags: malware, bankers malware campaign, malware malware, malware campaigns, malicious malware, banker malware, bankers malware, malware authors, campaign
 
 
 
 
Expand article

Week in review

2007-03-11 07:41:17 by Perry Carpenter in Security Renaissance