SEARCH RESULTS
 
Showing 1-10 of 22 records
 

Security Incident Strikes and You are on the Hot Seat..

2007-07-27 07:00:39 by RaviC in Musings on Information Security
...Remediation: Deal with the incident and then re-visit the rationale of why this was accepted in the first place. This highlights the importance of documentation such as a business risk acceptance form; this will help to cover your rear during security incidents. Make sure to get a business risk acceptance form signed by the business owner. An...

Another stolen Pennsylvania DPW computer, more victims

2007-12-12 15:10:53 by Evan Francen in The Breach Blog
...remediation steps they will need to take. Consumers with questions or those who believe they have been affected can call the Philadelphia Change Center at (215) 560-7226 in the Philadelphia area, from 7:30 a.m. to 5 p.m. For additional information on identity theft or to learn about steps to take if you believe you have been a victim, visit...

Flash XSS And Remediation Steps

2008-01-03 00:48:56 by RSnake in ha.ckers.org web application security lab
 
In the wake of the disclosure of Flash vulnerabilities found in thousands of websites, I felt I should probably post something about it. I have read the section of the upcoming book by Rich Cannings and Himanshu Dwivedi, and won't disclose it, as promised to the person who sent it to me until I hear otherwise (if ever - since it's a book and you...

99% PCI Compliance?

2008-01-25 11:58:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...remediation program. Is this cool or what? I bet it is an "or what." Others say "more than a year after the TJX breach first came to light, only 30 percent of retailers are PCI compliant," according to Sophos 2008 Internet Security Report. What's the story here? Some numbers are for Visa 'Level 1s' only while others are for all merchants (all...

Britain mulling "random" audits to enhance data protection..

2007-11-07 17:41:00 by Manu Namboodiri in Data Protection, Management and Leakage
 
...remediation. But these laws are designed to address post-breach actions; they don't enable the government to check prior to any incident. At what point, however, does the public become so fed up, so wary of doing business with companies that apparently treat data in a seemingly cavalier manner, that Congress passes such a law as recommended by...

Ramifications of a vulnerability can run deep

2008-03-28 09:57:07 by Editor in Adventures in Security
 
When an OS vulnerability is announced, remediation is straightforward. Patch each server and move on. The same is true for productivity applications like Office. But what happens when the vulnerability involves a development or Web content production application--a vulnerability not in the application itself, but in the applications or Web...

Upcoming conference presentations

2008-03-21 20:56:00 by Russ McRee in HolisticInfoSec.org
 
...Remediation at the 2008 ISSA NW Regional Security Conference on April 23rd, 2008, in Olympia, WA. In the same mindset of a "month of browser, Mac OS X, PHP, etc. bugs" I challenged myself to find and report as many XSS (cross site scripting) vulnerabilities as possible in a 30 day period. The result was well more than 100 vulnerabilities in...

Links List 5.23.08

2008-05-23 13:59:46 by Julia Lim in ScienceLogic
 
...remediation. Certainly tools are maturing and just in time because virtualization, as they point out, pushes the need for tools that really help with the automatic management and administration of systems, particularly at scale. More on Microsoft and systems management from SearchWinIT. Can Microsoft SCOM really play in a cross-platform,...

Can Moody's solve your third party assessment problem?

2008-05-28 12:36:33 by Khalid Kark in Security & Risk Management
...remediation follow-ups. I think this is a very valuable part of the service if Moody's gets it right. They will rely on a quarterly questionnaire and publicly available sources to identify changes in a service provider environment. Thus, it may be a little bit of challenge to get a clear risk picture if the service provider isn't honest in...

Links List 5.30.08

2008-05-30 20:24:44 by Julia Lim in ScienceLogic