SEARCH RESULTS
 
Showing 1-10 of 19 records
 
Expand article

Passport Canada web site suffers serious breach

The Article has images
2007-12-05 11:51:09 by Evan Francen in The Breach Blog
...simplistic attacks on web sites available. Change a character and see what happens. Heck, this is a piece of cake to automate with a script and grab ALL the available records. Running a site that acquires and stores confidential data which is vulnerable to the simplest of attacks is ludicrous That data included social insurance numbers,...
 
Tags: passport canada, information, personal information, passport application information, application, breach, passport application site, passport canada spokesman, significant security breaches
 
 
 
 
Expand article

MDAC ActiveX Code Execution Exploit Still in the Wild

The Article has images
2007-12-05 12:08:56 by HASH0x89e6630 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...simplistic assumption that outdated but unpatched vulnerabilities can be just as effective as zero day ones, and when the assumption proved to be true -- take Storm Worm's use of outdated vulnerabilities as the best and most effective example -- it automatically lowered the entry barriers into the world of malware , breaking through the myth...
 
Tags: exploit, day, day vulnerabilities, htm, malware, malware exploitation kit, single exploit urls, vulnerabilities, storm worm apparently
 
 
 
 
Expand article

About Penetration Testing

2008-01-07 09:15:52 by Editor in IEEE Security and Privacy
 
Students generally learn red teaming, sometimes called penetration testing or ethical hacking, as "breaking into your own system to see how hard it is to do so." Contrary to this simplistic view, a penetration test requires a detailed analysis of the threats and potential attackers in order to be most valuable. The author looks at penetration...
 
Tags: penetration, penetration test requires, potential attackers, simplistic view, educational viewpoint, system, contrary, author, ethical
 
 
 
 
Expand article

Network Access Control: Bridging the Network Security Gap

2008-03-03 15:47:30 by Editor in Help Net Security - Articles
 
The business work place has evolved significantly over the last ten years. Back then, networks were far more simplistic; the internet was not a critical business tool, there was far less legislation
 
Tags: business, critical business tool, internet, significantly, legislation, networks, simplistic
 
 
 
 
Expand article

How do you present your security proposition?

The Article has images
2008-04-04 21:18:18 by Editor in Security x.0
...simplistic Here is a couple of examples. Dragos Lungu used a very visual "emotional" style to present on E-Banking Web Application Security and so did we in Introducing Cronto Authentication Platform What do you think? What style do you use? Can you share your presentation? Could we build together a slide deck that could help everyone If...
 
Tags: security, web application security, security professionals, effectively security, presentation, presentation slides, visual, visual delivery style, security vendor
 
 
 
 
Expand article

Mark Rasch Puts Me To Shame

2008-01-23 13:27:00 by Security Retentive in Security Retentive
 
...simplistic and rather brief Today Mark Rasch released a much longer article on this same subject, " Mother, May I. " As usual, Mark gives an excellent explanation of the underlying legal topics - the relation of physical world common law notions and rules concerning trespass. I highly recommend you read Mark's article if you're interested in...
 
Tags: mark, mark rasch, excellent paper, excellent, statutes, computer misuse statutes, law, current law, excellent explanation
 
 
 
 
Expand article

Adding webwise.net into the CNI

2008-04-05 14:13:01 by Richard Clayton in Light Blue Touchpaper
 
...simplistic way The more likely way of subverting what webwise.net resolves to is called DNS cache poisoning. There are several ways of doing this (this Wikipedia article provides a helpful summary), most of which shouldnt work if the ISP has configured their DNS server correctly However fundamental weaknesses in the DNS protocol (relying on...
 
Tags: domain names, purchase domain names, net, dns, dns forgery issue, domain, dns forgery attacks, webwise, net domain
 
 
 
 
Expand article

Not a CISSP

The Article has images
2008-04-18 14:36:41 by Chris Eng in Zero in a bit
...simplistic exam questions or the ones that simply test ones ability to memorize obscure facts Im not claiming that theres no value to holding the CISSP certification. It cant hurt to have some exposure to business continuity planning, for example. The problem, as I stated in the beginning, is that the CISSP title is often interpreted as an...
 
Tags: cissp, cissp certification, security, cissp button, network security, information security, security career, career, cissp title
 
 
 
 
Expand article

Stolen SunGard laptop affects at least 10 post-secondary schools

The Article has images
2008-04-21 14:49:39 by Evan Francen in The Breach Blog
...simplistic terms, data owners dictate what level of protection is required for the data that they own and data custodians apply the designated level of protection. Did the school and SunGard apply the designated level of protection in this case Youd think it would be somewhat secure," Bissell said of his personal information He plans to...
 
Tags: information, personal information, store confidential information, university, university system, data custodians apply, data custodians, information security governance, sungard
 
 
 
 
Expand article

Confidential information sent to PinPay.net and SoftCard.biz is exposed

The Article has images
2008-05-08 13:26:03 by Evan Francen in The Breach Blog
...simplistic demonstration about why it is important to encrypt sensitive information. If the communication had been encrypted, none of the data would have been visible without access to the private key We could go deeper into the server applicat