SEARCH RESULTS
 
Showing 1-10 of 65 records
 
Expand article

Can Chrome be read by a Keylogger?

2008-09-05 15:56:35 by Doug Woodall in The Spyware Biz Blog
 
...pull the cache and index files off your computer and examine them later on another machine these files reside in the C:Documents and SettingsUSERNAMELocal SettingsApplication DataGoogleChromeUser DataDefault folder
 
Tags: local access, chrome, chromes history, index files, machine, security nightmare, datadefault folder, financial information, bank accounts
 
 
 
 
Expand article

Locked Call Boxes and Banned Geiger Counters

2008-01-18 07:44:31 by schneier in Schneier on Security
 
...pull boxes were kept locked. Why were they kept locked and how did a person gain access to 'pull the box A: They were kept locked due to false alarms. Nearby shopkeepers or beat cops carried the keys Here's Robert Cromie, writing in The Great Chicago Fire (Thomas Nelson: 1994), page 33: William Lee, the O'Leary's neighbor, rushed into Goll's...
 
Tags: boxes, false fire alarms, fire, fire alarms, false alarms, prevent false alarms, alarm boxes, alarm, chicago fire
 
 
 
 
Expand article

More on Hating Agents

2008-02-13 14:54:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...pull or push data (e.g. HTTP upload added risk: new open ports (in case of log pull) or running services (in case of upload or log push) on all systems added risk: log management system might store credentials for remote access (sometimes admin) thus exposing them for compromise (especially if you don't use appliance added hassle: you need to...
 
Tags: log management tool, log management, log management system, agents, remote, management, remote agent, agent, agents evil
 
 
 
 
Expand article

Nice GRC write-up and how it relates to log management initiatives

2008-03-24 13:34:00 by Ryan Shopp in practical risk management
 
...pull scores/results/data from these products into that model to go along-side data gathered from controls that can't be instrumented with software (e.g., people, processes, procedures, physical). As mentioned in previous posts , without this other side of the coin you're not getting a complete picture of risk/compliance/governance So if you...
 
Tags: grc, grc products, software products, software, products, security, log management, log, security vendors
 
 
 
 
Expand article

The new e-discovery rules - what they mean for your company

2006-11-30 06:26:27 by Administrator in Email security & compliance blog
 
...pull their socks up and get serious about managing their electronic records The good news is that under the new rules, the court must now recognize that a company is not able to retain all records and will not be sanctioned if a document is deleted in good faith: Absent exceptional circumstances, a court may not impose sanctions under these...
 
Tags: rules, discovery, electronic discovery rules, address e-discovery issues, court, federal court, records, electronic records, company
 
 
 
 
Expand article

Picasso Stolen from Brazilian Museum

2007-12-27 13:41:36 by Editor in Schneier on Security
 
A professional job: The thieves used a hydraulic car jack to pry their way past the pull-down metal gate that protects the museum's front entrance. Then, they smashed through two glass doors, probably using a crowbar, to get to the
 
Tags: hydraulic car jack, professional job, glass doors, front entrance, pull-down metal, museum, crowbar, pry, protects
 
 
 
 
Expand article

More on Security vs Risk

The Article has images
2007-12-21 11:57:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
So, I was reading some survey and came across this bizarre, mind-boggling (maybe even 'mind-numbing?') picture How can security be THAT disconnected from risk? Can somebody explain this to me? (Please don't explain by stating "crappy survey methodology" - I can pull this one myself, thank you very much Mr Hoff, can you help here About me:...
 
Tags: survey, crappy survey methodology, security, explain, risk, org, bizarre, pull, hoff
 
 
 
 
Expand article

Reliability Vs. Security

2007-12-07 16:46:00 by sdl in The Security Development Lifecycle
 
...pull the band-aid off all at once or endure it a little at a time. The pain is equally unacceptable There is one point I will readily cede to the reliability community: they can teach the security community a thing or two about analyzing data. Metrics are an often-used if still imprecise reliability tool. The use of Bayesian statistics,...
 
Tags: folks, reliability folks deal, reliability, reliability folks, security, bugs, reliability bugs, reliability analysis, software reliability
 
 
 
 
Expand article

The ART of Event Processing: Agility, Reuse, Transparency

2008-01-18 09:49:13 by Tim Bass in The Complex Event Processing Blog
 
...pull up our insider trading key indicator models. These models are stored in XML format and viewable in our graphical KI design studio. We can print out the KI models for insider trading if you like! and the smiling auditor says Thank you, your system is much more transparent than the last place we visited This scenario also applies in...
 
Tags: simple laymans terms, laymans terms, event, terms, transparency, cep blog, blog, reuse, white box event
 
 
 
 
Expand article

IP Addresses Are Considered Personally Identifiable Information in the EU

2008-01-22 15:39:31 by RSnake in ha.ckers.org web application security lab
 
...pulled from a third party. That third party gets things like referrers and, what else, IP addresses! Sorry, say goodbye to third party ad revenue! Yes, that means you, Adsense and Overture! People can no lon