SEARCH RESULTS
 
Showing 1-10 of 39 records
 
Expand article

The Arizona Office of the Auditor General finds plenty of holes

The Article has images
2008-06-23 12:28:27 by Evan Francen in The Breach Blog
...weaknesses in computer programs called Web-based applications The Arizona universities combined use at least 205 significant Web-based applications for educational and administrative purposes, such as curriculum and course management, documenting personal information for admissions and financial aid, and processing financial, payroll, and...
 
Tags: information, information security officer, personal information, information security staffs, confidential information, information security, university information, sensitive information, sensitive
 
 
 
 
Expand article

Cloudsecurity.org Interviews Guido van Rossum: Google App Engine, Python and Security

The Article has images
2008-07-01 19:03:10 by Craig Balding in Cloud Security
...weaknesses in Python App Engine. What are your thoughts on his research and specifically the Python issues he highlighted? When do you anticipate they will get fixed GvR: Weve anticipated all of the possibilities raised in Justins talk, and took measures to protect our users. Justin highlighted weaknesses in Python, but not in App Engine....
 
Tags: app engine, google app engine, app, app engine treatment, security, app engine project, app engine crew, secure app engine, security vulnerabilities
 
 
 
 
Expand article

Boston/Cambridge InfoSecurity Events

2007-12-18 19:12:25 by Chris Wysopal in Zero in a bit
 
...Weaknesses - Avoiding and Testing Bob Martin is giving a talk tonight at the Boston Software Process Improvement Network (SPIN) meeting on Software Security Weaknesses - Avoiding and Testing. The meeting is at MITRE in Bedford in the basement conference center of M-Building (the one next to the parking garage). Pizza and discussions at 6pm,...
 
Tags: software security weaknesses, boston, cambridge, held, held tomorrow night, patricks day weekend, basement conference center, talk tonight, talk
 
 
 
 
Expand article

Tall stories from Chinese hackers

2008-03-08 15:53:03 by Stuart King in Stuart King's Security and Risk Management Blog
 
...weaknesses that can be exploited. I'm not going to outright dismiss Chen's claims as being typical hacker arrogance because firstly, I wouldn't be at all surprised if the Chinese government were paying hackers (in the same way that the American government is probably also doing so). What would surprise me would be hearing one of those hackers...
 
Tags: chinese hacker, hacker, typical hacker arrogance, security websites, pentagon, chinese government, cnn, pentagon website hack, hackers
 
 
 
 
Expand article

SSO Summit Day One Morning Session

2008-07-24 13:35:02 by Gunnar Peterson in 1 Raindrop
 
...weaknesses in integration in SOA and Web 2.0 technologies for companies that are *not* using SAML were excellent. Of course, I will go into some more details on this tomorrow Ping's CTO Patrick Harding took the stage and gave an overview of the next generation of SSO options from Kerberos to present and as is his wont demonstrated various...
 
Tags: sso, sso history talk, sso summit, mainframe sso, sso options, sso protocols, real world, real world lessons, authorization internal
 
 
 
 
Expand article

"Tiger Team" Reality TV Show

2007-12-26 07:50:42 by Editor in Schneier on Security
 
On Court TV: This vérité action series follows Tiger Team a group of elite professionals hired to infiltrate major business and corporate interests with the objective of exposing weaknesses in the worlds most sophisticated security systems, defeating criminals at
 
Tags: tiger team, vrit action series, elite professionals hired, security systems, court tv, major business, weaknesses, objective, criminals
 
 
 
 
Expand article

Ask the Auditor: Who is Responsible for Information Security?

2007-12-29 06:24:50 by Editor in Security Links
 
...weaknesses in existing security efforts, along with corresponding opportunities for improvement Helps the board and management understand whether the information security function has the resources, systems, and processes it needs to be efficient and effective Independently validate that the organizations information security program efforts...
 
Tags: information, information security, information policy, information security risks, information assurance, information security governance, information security managers, information security management, assign information security
 
 
 
 
Expand article

Combating Unrestricted Warfare

The Article has images
2007-12-15 09:08:23 by HASH0x8472308 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...weaknesses. They develop surprising partners that sometimes do not even know they are partnersthey will give someone an honorarium to talk at a conference and ask that person for information on associates. They play by a different set of rules. They see offense as a systems problem, while our defense is fragmented All of these reports and...
 
Tags: chinese information warfare, information, information warfare, warfare, cyber warfare unit, cyber warfare, asymmetric warfare, unconventional warfare, warfare employs surprise
 
 
 
 
Expand article

Symantec: Gov't needs to take new cybersecurity steps

2008-01-07 00:00:00 by Grant Gross in Network World on Security
 
U.S. government agencies need to take additional steps to protect against cybersecurity problems after a series of congressional hearings and reports exposed several weaknesses in 2007, representatives of Symantec said
 
Tags: symantec, additional steps, government agencies, cybersecurity, congressional hearings, weaknesses, protect, series, representatives
 
 
 
 
Expand article

Relay attacks on card payment: vulnerabilities and defences

2008-01-09 00:01:52 by Steven J. Murdoch in Light Blue Touchpaper