SEARCH RESULTS
 
Showing 1-10 of 1000 records
 
Expand article

Survey: One In Three IT Staff Snoops

2008-06-20 12:29:48 by Dave Lewis in Liquidmatrix Security Digest
 
Only one in three? I would hazard that is being conservative From MSNBC One in three information technology professionals abuses administrative passwords to access confidential data such as colleagues salary details, personal e-mails or board-meeting minutes, according to a survey U.S. information security company Cyber-Ark surveyed 300 senior...
 
Tags: electric cattle prod, colleagues salary details, access confidential data, article link, survey, one-third, personal e-mails, thumb screws, msnbc
 
 
 
 
Expand article

Is an incorrectly implemented security program better than a non-existent one ?

The Article has images
2008-09-03 16:02:00 by Random InfoSec Guy in Security Coin
Think carefully before you answer that one. A large majority of you would be inclined to give a resounding 'yes' - but I really want you to think carefully on this one. Think long term. Think about implementation hurdles, think about project documentation The answer to this IMHO is a big "DEPENDS To explain Imagine you're working in a company...
 
Tags: security, security program, program, security controls, change, leaders change, programs, security programs, roles change
 
 
 
 
Expand article

Spygate in Formula One racing Or: Dont forget your ancient floppy disks!

2008-03-27 16:16:37 by Thomas Raschke in Security & Risk Management
 
For those who didnt know, the Formula One racing series has recently started in Australia and Asia. While high-speed enthusiasts in the US flock to NASCAR or the IndyCar series, the rest of the world is hooked on the F1 racing circus (kind of similar to the situation with football/soccer Anyway, as a security professional you have probably heard...
 
Tags: floppy disks, formula, data theft, massive data theft, data theft channels, teams, profile formula, teams simply, indycar series
 
 
 
 
Expand article

Number One Wordpress Security Step

2008-03-31 02:53:02 by Erik T. Heidt in Art of Information Security
 
So, what is the most important step you can take to keep your Wordpress blog secure Keep the software up-to-date This may sound almost patronizingly obvious, but hold on a second. Every day hackers use unpatched servers or services of one kind or another as the bread and butter of their trade (stealing data, creating Bot networks, selling hacked...
 
Tags: wordpress, step, wordpress security step, wordpress automatic, wordpress development feed, wordpress community, security, wordpress blog secure, blog
 
 
 
 
Expand article

One-third of IT admins admit snooping with privileged passwords

2008-06-20 13:00:00 by Editor in Computerworld Security News
 
One-third of IT administrators surveyed during a recent security conference in London said that they or one of their colleagues have used top-level admin passwords to access confidential information at work
 
Tags: access confidential information, top-level admin passwords, recent security conference, one-third, administrators, london, colleagues
 
 
 
 
Expand article

SSO Summit Day One Morning Session

2008-07-24 13:35:02 by Gunnar Peterson in 1 Raindrop
 
I am at the SSO Summit , high in the Colorado mountains (9200 feet elevation to be exact), the I-70 West sign is one of my favorite road signs. Ping Identity has done a great job putting this together. It is the perfect size around 125 people. Most of the best conferences I have been to have been around 60-150 people. There are a *lot* of...
 
Tags: sso, sso history talk, sso summit, mainframe sso, sso options, sso protocols, real world, real world lessons, authorization internal
 
 
 
 
Expand article

Phishers Backdooring Phishing Pages to Scam One Another

The Article has images
2008-08-07 15:01:50 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
There seems to be no such thing as a free phishing page these days, with phishers scamming one another at an alarming rate according to a recently published research entitled " There is No Free Phish:An Analysis of Free and Live Phishing Kits Cybercriminals attempting to scam other cybercriminals has been happening for years, with old school...
 
Tags: phishers, myspace phishers, campaign, myspace, rock phish campaign, free phish, free, kits, attack
 
 
 
 
Expand article

One of the cool things about my job

2008-01-31 15:59:48 by HASH0x8b5eeb0 in StillSecure, After All These Years
 
Like anyone else there are some days where I just ask myself what am I doing. Daily frustrations, the world not moving at my speed, my atrocious spelling and grammar mistakes all serve to have me ask myself if there is not a better way. However, there are other moments when I positively love what I do. I think the key is making sure those...
 
Tags: final benchmark report, derek, research, derek brink, research process, benchmark, achieve best-in-class results, positively love, moments
 
 
 
 
Expand article

One Sinowal Trojan + One Gang = Hundreds of Thousands of Compromised Accounts

2008-10-31 00:00:00 by RSA FraudAction Research Lab in Speaking of Security, the RSA Blog and Podcast
 
The RSA FraudAction Research Lab would like to share its startling findings based on its tracking and research of the Sinowal Trojan, also known as Torpig and Mebroot . Our findings based on the data we have collected on this Trojan over the course of almost three years including information regarding its design and its infrastructure indicate...
 
Tags: sinowal trojan, trojan, findings based, online bank accounts, login credentials, fraudsters, research, design, share