SEARCH RESULTS
 
Showing 1-10 of 44 records
 
Expand article

U.K's Crime Reduction Portal Hosting Phishing Pages

The Article has images
2008-06-02 00:29:38 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...Reduction Portal which is currently hosting a phishing page - crimereduction.homeoffice.gov.uk/ alcoholorders/Archive070410/poste/cartepr What's special about this incident is that it's becoming increasingly common to come across phishing sites that have been remotely-file-included or SQL injected at vulnerable sites . In ca you remember,...
 
Tags: crime reduction portal, sites, vulnerable sites, tactics phishers, poste italiane, increasingly common, police academy, highly visible, shadow infrastructure
 
 
 
 
Expand article

The First Step on the Road to More Secure Software is admitting you have a Problem

2008-02-21 14:26:00 by sdl in The Security Development Lifecycle
 
...reduction in vulnerabilities compared to Windows XP SP2. Think about that figure for a moment: about a 50% reduction (and that does not account for the reduction in vulnerability severity) despite the increase in code size So if Windows Vista has more code than Windows XP SP2, why are we seeing a reduction in vulnerabilities? Simple: the SDL!...
 
Tags: vulnerabilities, reduce security vulnerabilities, fewer security vulnerabilities, security vulnerabilities, source security bugs, bugs, major microsoft products, microsoft products, security
 
 
 
 
Expand article

Risk ROI for Some Provisioning Solutions

2008-04-19 02:22:29 by Erik T. Heidt in Art of Information Security
 
...reduction, there are also significant risk management and oversight capabilities that can be had All provisioning solutions provide some facilities for Reduction of paper-based processes in favor of electronic requests and work flows Reduction of manual updates in favor of automated entitlement updates All provisioning solution providers...
 
Tags: information security, information, entitlement, entitlement lifecycle, solutions, systems, risk roi, information security podcast, identity
 
 
 
 
Expand article

Economics of secure software

2007-01-21 10:13:02 by RaviC in Musings on Information Security
 
...reduction in cost of ownership for the customer Below is a mathematical representation (not the basis!) for the above statement for the curious Price = Initial Purchase Price of the Product Life = Life Cycle Cost of the Product $ = Y*Price (expressed in terms of multiple of Price TCO = Total Cost of Ownership TCO= Price + Life=Price + Y*...
 
Tags: software, secure, secure product, product, software vendor, software vendors, vendor, price, initial purchase price
 
 
 
 
Expand article

The Ineffectiveness of Security Cameras

2008-04-07 13:33:41 by schneier in Schneier on Security
 
...reduction of larcenies within 100 feet of the cameras. No other crimes were affected -- except for homicides, which had an interesting pattern Murders went down within 250 feet of the cameras, but the reduction was completely offset by an increase 250 to 500 feet away, suggesting people moved down the block before killing each other The final...
 
Tags: cameras, crime, average daily crime, security, crimes, feet, motor vehicle theft, forcible sex offenses, positive deterrent effect
 
 
 
 
Expand article

Summarizing June's Threatscape

The Article has images
2008-07-01 07:05:01 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...Reduction Portal Hosting Phishing Pages - nothing new here since vulnerable sites are to be "remotely file included" and SQL injected to locally host anything on behalf of a malicious party. Risk and responsibility forwarding is one thing, but having a crime reduction portal hosting phishing pages is entirely another. The phishing pages was...
 
Tags: site, fake youtube site, web site defacements, malware, malware hosts, web site defacer, sites, vulnerable sites, malicious
 
 
 
 
Expand article

CLOUD COMPUTING - STORMY WEATHER?

2008-10-27 15:46:17 by Alex in RiskAnalys.is
 
...Reduction, to place WHO ARE WE TO STAND IN THE WAY OF PROGRESS Im always fond of Jacks rule that the role of information risk management boils down to three deceptively simple premises Reduce Risk Reduce Loss Create Operational Efficiencies So it would seem antithetical to the charter of the Chief Security Officer to stand in the way of...
 
Tags: risk management innovation, management, cloud, risk, glba risk, glba, reduce risk, risk reduction, toxic cloud
 
 
 
 
Expand article

Keeping America Safe from Terrorism by Monitoring Distillery Webcams

2008-10-31 11:15:49 by schneier in Schneier on Security
 
...Reduction Agency in the United States When we replied that it was simply a short term technical problem, we asked why on earth they could be interested in the comings and goings of a small Distillery off the West Coast of Scotland. Were there secret manoeuvres taking place in Loch Indaal, or even a threat of terrorists infiltrating the...
 
Tags: chemical weapons convention, chemical weapons, weapons, threat, future wmd threat, mass destruction -chemical, mass destruction, distillery, threat control
 
 
 
 
Expand article

The Return on Investment for Securing Information

2007-08-13 00:00:00 by Sean Kline in Speaking of Security, the RSA Blog and Podcast
 
There have been quite a few blogs written about the Return on Investment (ROI) of security. Amrit Williams has several links in his recent discussion of the topic. This reminds me of some work that I did with BearingPoint on the ROI of a Services-Oriented Architecture (SOA), a similarly challenging area in which to quantify value. The framework...
 
Tags: traditional roi metrics, roi, strategic drivers, distribution channels, difficulty, investment, risk reduction, return, business initiative