SEARCH RESULTS
 
Showing 1-10 of 43 records
 
Expand article

Violating OPSEC for Increasing the Probability of Malware Infection

The Article has images
2008-07-11 19:39:32 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...probability of successful malware infection by on purposely lowering down the security settings of Internet Explorer, by adding their malicious netblocks and domains into "Trusted Sites"? You bet The infamous Smitfraud or PSGuard Desktop Hijacker, has been cooperating with known malicious parties for over an year now, a cooperation which...
 
Tags: malware, malware authors, smitfraud, smitfraud infection, successful malware infection, sacrifice operational security, operational security, malware pcs, infamous smitfraud
 
 
 
 
Expand article

Fundamentalism in Risk & Security

2008-07-08 13:16:04 by Alex in RiskAnalys.is
 
...probability issue Now obviously, you can retreat in probability theory a century or so and claim that risk is a Knightian uncertainty and that we just cant know it. Have fun. But you should know that theres the catch - security is also a probability issue. So Im betting that you cant know secure for much of the same reasons Frank Knight would...
 
Tags: risk, share, share specific data, data, agree, probability issue, rob writes, rob, security
 
 
 
 
Expand article

Measuring Vulnerability

The Article has images
2008-04-14 14:31:38 by JonesJ in RiskAnalys.is
...probability associated with whether well be vulnerable to any given threat event. The process of measuring vulnerability is intended to help us understand what that probability is likely to be Simplest approach Perhaps the simplest approach is to identify the threat community youre analyzing risk against and simply estimate your ability to...
 
Tags: threat capability curve, capability, human capability, human threat capability, describe control strength, control strength, capability curve, threat community capability, control
 
 
 
 
Expand article

RSA Crypto Panel: Martin Hellman on 0.01% Events

The Article has images
2008-04-10 00:04:00 by jrjones in Jeff Jones Security Blog
...probability as a martin of safety, complacency and low probability events He had one slide - a picture of a glider soaring very low over a runway at the bottom of a high speed, low pass flight. Hellman is a pilot and pointed out that this activity is safe for those that do it 999 out of 1000 times, but went on to talk about how cautious...
 
Tags: probability, low probability events, hellman, martin hellman, low, martin, security, events, non-security folks
 
 
 
 
Expand article

Risks, cost of an attack versus price of encryption

2008-04-18 14:32:00 by Manu Namboodiri in Data Protection, Management and Leakage
 
...probability of the cold boot attack quite right - I think the fact that over 40% of folks do not shut down their laptops while travelling makes this a higer probability. (This number came from a short survey we did in Pittsburgh with around 200 respondents - will provide more details in a forthcoming blog). Now cosider the fact that people...
 
Tags: higer probability, probability, data loss, potential losses due, charlie martin, cold boot attack, data, charlie, short survey
 
 
 
 
Expand article

A Botnet Master's To-Do List

The Article has images
2008-04-26 14:36:23 by HASH0x8ae3c28 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...probability for infection, however, the probability for infection is also proportional with the probability for detection on behalf of researcher's and vendors honeyfarms. And therefore, would less noise would mean slow infection rate, but higher lifecycle due to the less noise generated? The Stormy Wormy people for instance entirely relied...
 
Tags: botnet, commodity malware bots, malware bots, to-do list, wannabe botnet masters, malware, botnet masters, malware botnets, anti malware
 
 
 
 
Expand article

Communicating about risk - part 2

The Article has images
2008-05-20 16:22:24 by JonesJ in RiskAnalys.is
...probability of an event occurring. In fact, you may see explicit probability ranges assigned to each qualitative label (e.g., Very High = 90% to 100% probable ). And, while this seems to be on the right track, there are two problems with it It often doesnt include a timeframe reference. In other words, does the likelihood statement refer to...
 
Tags: risk, managements risk tolerance, enterprise risk tolerance, risk tolerance, likelihood, risk analysis, likelihood connotes, lines, likelihood statement refer
 
 
 
 
Expand article

(Not Really) Stateful IT-GRC Inspecting Threat Management At Gigabit Speeds

2008-07-22 14:41:00 by Alex in RiskAnalys.is
 
...probability problem to solve! Sounds like risk or secure doesnt it So we could view the PCI as a threat community to deal with. This gives us the first angle of what we could call PCIRM (this sort of term begs to be its own acronym, doesnt it?) - the simple creation of a probability statement that says there is some belief that we could be...
 
Tags: pci risk management, risk management, pci dss, pci dss compliance, risk, risk inherent, management, pci, pci concerns
 
 
 
 
Expand article

An Overture to the 2007 CEP Blog Awards

2008-01-09 11:09:46 by Tim Bass in The Complex Event Processing Blog
 
...probability, likelihoodand uncertainty very well (if at all The CEPBlog Award for Advanced Event Processing For a lack of a better term, I call this category advanced event processing. Advanced event processingwill more-than-likelyhave a rule-based and/or a stream-based event processing component. However, to be categorized as advanced event...
 
Tags: term intelligent event, term, intelligent event, event, event processingand, event stream, event streams, category ai-capable event, event processingwill