SEARCH RESULTS
 
Showing 1-10 of 49 records
 
Expand article

Violating OPSEC for Increasing the Probability of Malware Infection

The Article has images
2008-07-11 19:39:32 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...probability of successful malware infection by on purposely lowering down the security settings of Internet Explorer, by adding their malicious netblocks and domains into "Trusted Sites"? You bet The infamous Smitfraud or PSGuard Desktop Hijacker, has been cooperating with known malicious parties for over an year now, a cooperation which...
 
Tags: malware, malware authors, smitfraud, smitfraud infection, successful malware infection, sacrifice operational security, operational security, malware pcs, infamous smitfraud
 
 
 
 
Expand article

Fundamentalism in Risk & Security

2008-07-08 13:16:04 by Alex in RiskAnalys.is
 
...probability issue Now obviously, you can retreat in probability theory a century or so and claim that risk is a Knightian uncertainty and that we just cant know it. Have fun. But you should know that theres the catch - security is also a probability issue. So Im betting that you cant know secure for much of the same reasons Frank Knight would...
 
Tags: risk, share, share specific data, data, agree, probability issue, rob writes, rob, security
 
 
 
 
Expand article

Measuring Vulnerability

The Article has images
2008-04-14 14:31:38 by JonesJ in RiskAnalys.is
...probability associated with whether well be vulnerable to any given threat event. The process of measuring vulnerability is intended to help us understand what that probability is likely to be Simplest approach Perhaps the simplest approach is to identify the threat community youre analyzing risk against and simply estimate your ability to...
 
Tags: threat capability curve, capability, human capability, human threat capability, describe control strength, control strength, capability curve, threat community capability, control
 
 
 
 
Expand article

Mitigating Exploitation Techniques

2008-10-03 00:07:00 by sdl in The Security Development Lifecycle
 
...probability that an attack will be successful. This has led to the need for mitigation techniques that can prevent or otherwise reduce the reliability of a given exploitation technique. In relation to one another, we can think about exploitation techniques as attempting to drive the probability of successful exploitation to 100%, whereas...
 
Tags: techniques, mitigation technique, mitigation, mitigation techniques attempt, exploitation, mitigation techniques, exploitation techniques, successful exploitation attempt, successful
 
 
 
 
Expand article

So Logically, If She Weighs The Same As A DuckShes A Witch!

The Article has images
2008-09-18 14:59:47 by Alex in RiskAnalys.is
...Probability Theory After all, Probability Science like all other fields of knowledge is always advancing as they say. So perhaps probability theory is wrong somehow Im personally disinclined to put the blame here, primarily because I would think that there would be evidence from other fields (like Quantum Mechanics) that something is amiss...
 
Tags: risk, financial risk, poor risk management, operational risk, outcome, exploit outcome, probability, qualitative models, models
 
 
 
 
Expand article

RSA Crypto Panel: Martin Hellman on 0.01% Events

The Article has images
2008-04-10 00:04:00 by jrjones in Jeff Jones Security Blog
...probability as a martin of safety, complacency and low probability events He had one slide - a picture of a glider soaring very low over a runway at the bottom of a high speed, low pass flight. Hellman is a pilot and pointed out that this activity is safe for those that do it 999 out of 1000 times, but went on to talk about how cautious...
 
Tags: probability, low probability events, hellman, martin hellman, low, martin, security, events, non-security folks
 
 
 
 
Expand article

Risks, cost of an attack versus price of encryption

2008-04-18 14:32:00 by Manu Namboodiri in Data Protection, Management and Leakage
 
...probability of the cold boot attack quite right - I think the fact that over 40% of folks do not shut down their laptops while travelling makes this a higer probability. (This number came from a short survey we did in Pittsburgh with around 200 respondents - will provide more details in a forthcoming blog). Now cosider the fact that people...
 
Tags: higer probability, probability, data loss, potential losses due, charlie martin, cold boot attack, data, charlie, short survey
 
 
 
 
Expand article

A Botnet Master's To-Do List

The Article has images
2008-04-26 14:36:23 by HASH0x8ae3c28 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...probability for infection, however, the probability for infection is also proportional with the probability for detection on behalf of researcher's and vendors honeyfarms. And therefore, would less noise would mean slow infection rate, but higher lifecycle due to the less noise generated? The Stormy Wormy people for instance entirely relied...
 
Tags: botnet, commodity malware bots, malware bots, to-do list, wannabe botnet masters, malware, botnet masters, malware botnets, anti malware
 
 
 
 
Expand article

Communicating about risk - part 2

The Article has images
2008-05-20 16:22:24 by JonesJ in RiskAnalys.is
...probability of an event occurring. In fact, you may see explicit probability ranges assigned to each qualitative label (e.g., Very High = 90% to 100% probable ). And, while this seems to be on the right track, there are two problems with it It often doesnt include a timeframe reference. In other words, does the likelihood statement refer to...
 
Tags: risk, managements risk tolerance, enterprise risk tolerance, risk tolerance, likelihood, risk analysis, likelihood connotes, lines, likelihood statement refer