RSS Alerts

Tag Cloud

blackhat seo Rogue AV Web Security virus spam compromised sites malware WiFi

Bloggers

Blog

Follow and talk to Infosecurity's bloggers.

Follow Infosecurity's bloggers as they share their thoughts on the industry, technology, and much more. Our bloggers have been selected for their industry expertise. They welcome interaction, so we encourage you to add your opinions to theirs.

0
comments
PCI, AV and a life vest
A good friend of mine over at NetIQ, Todd Tucker, recently blogged about some of the frustrations he sees when looking at the failure of PCI as a security standard (or rather, the failure of those organizations who pay lip service to compliance) and especially the oddly heavy emphasis given to ...
Posted 25 August 2010 by Geoff Webb
tags: PCI DSS , anti-virus , malware
0
comments
Should RIM hold its line on the BlackBerry?
Encryption is the sort of topic that rarely makes it into the mainstream media, but the recent hoopla over BlackBerry security, namely its encryption procedures, has drawn the ire of governments throughout Asia. India, the UAE, Saudi Arabia – all have taken issue with BlackBerry services and ...
Posted 18 August 2010 by Drew Amorosi
tags: encryption , BlackBerry , compliance & policy
1
comment
I-Coverage
I wanted to comment a little on the recent stir concerning the vulnerabilities on the iPhone (iPad, iTouch, I-Robot.  No, wait, that's a movie.) I think the level of interest in this vulnerability (and there's been a lot on security blogs in the past couple of days) speaks volumes about the gr ...
Posted 13 August 2010 by Geoff Webb
tags: Security , iPhone , Android , Blackberry
0
comments
Adobe CS7 Searches Saturated With Dangerous Results
Looking to save a few bucks on software will almost always lead users down a dangerous path. Users either end up at “OEM Software” sites offering unlicensed and illegal software, or to downloading cracks or keygens laced with malware.  One of the big issues here is that the ...
Posted 30 July 2010 by Patrick Walsh
tags: oem software , malware , blackhat seo , pagerank bomb , adobe , microsoft
0
comments
Microsoft and Adobe: Collaboration Against Threats
You know my opinion on collaboration between countries, on public-private-partnerships, as well as on collaboration between companies. For quite a while we have been running a program called MAPP – the Microsoft Active Protections Program – where we share vulnerability in ...
Posted 28 July 2010 by Roger Halbheer
tags: Vulnerabilities
0
comments
WPA2 Exposed with 'Hole 196' Vulnerability
Until now, the WPA security version known as ‘WPA2 (AES encryption) with 802.1x authentication’ was considered as one of most secure WiFi deployments by most wireless security experts. This is due to the resilience of this version to brute force dictionary attacks that can possibly ...
Posted 23 July 2010 by Ajay Gupta
tags: WiFi , WPA2 , Hole 196 , TKIP , WiFi Security
0
comments
It's all about WHO
“I KEEP six honest serving-men  (They taught me all I knew); Their names are What and Why and When  And How and Where and Who.” – Rudyard Kipling As I look at the sorts of problems that even the largest, most mature organizations are dealing with, many times I ...
Posted 08 July 2010 by Geoff Webb
tags: Security , identity , access management
0
comments
Cloud Computing: Benefits and Risks of Moving Federal IT into the Cloud
July 1st: Scott Charney, Corporate Vice President Trustworthy Computing was testifying at a hearing of the House Committee on Oversight and Government Reform. Basically the hearing was on the benefits and risk of Cloud adoption for the US government. If you are interested in reading his full testimo ...
Posted 06 July 2010 by Roger Halbheer
tags: Cloud , Governments
0
comments
Secure WiFi Networks: WiFi Alliance and Legal Authorities Coming Forward
  WiFi, today, has become a near ubiquitous technology, used by most of us, with our WiFi enabled gadgets, while we are at offices, homes, public places or while traveling. However, awareness about WiFi security is still lacking and practice of configuring poorly secured or unsecured WiFi netw ...
Posted 05 July 2010 by Ajay Gupta
tags: WiFi Security , WiFi Alliance , WiFi , WEP , WPA , WPA2 , Ad hoc
0
comments
Do Enjoy 'One Click' Free WiFi at Starbucks, but Safeguard Your Privacy
Six months after McDonalds started offering free WiFi, Starbucks also announced it would provide complimentary WiFi service, starting July 1, 2010. As mentioned by Starbucks, the free WiFi will be unlimited and requires just one click, without the need of a username/password to go onl ...
Posted 01 July 2010 by Ajay Gupta
tags: WiFi , WiFi Security , Starbucks , Hotspot , EvilTwin
0
comments
Russian Spies in the US: Corporate Spies Could Follow their Communication Methods
As reported recently, Russian spies in US used private WiFi networks as a means for secret communications. These networks were found to be operating in the ad hoc mode (also knows as peer-to-peer mode) in which two or more WiFi clients can directly communicate with each other over WiFi links without ...
Posted 30 June 2010 by Ajay Gupta
tags: WiFi Security , WiFi , WiFi ad hoc , WiFi monitoring , WIDS
0
comments
Red Button SEO Poisoning and Malware Campaign
eSoft researchers have been tracking a new campaign by cybercrooks, compromising and creating websites for use in SEO poisoning and malware distribution. Thousands of these sites have been detected that use elaborate techniques to trick search engines and are ready to serve malware in an i ...
Posted 30 June 2010 by Patrick Walsh
tags: malware , blackhat seo , pagerank bomb , web security , exploits
0
comments
WiFi malfunction at iPhone 4 launch reinforced the need of Wireless Intrusion Detection Systems (WIDS)
An after look into the cause of WiFi malfunction experienced by Steve Jobs during the recently conducted iPhone 4 launch at Apple's flagship Worldwide Developers Conference (WWDC) has revealed that around 500 mobile hotspot networks were operational at the time of conference. Most of these ...
Posted 29 June 2010 by Ajay Gupta
tags: WIDS , WIPS , WiFi , WiFi Security , iPhone
0
comments
Google’s WiFi Snooping Controversy Is a Wake-up Call to Stop WiFi Malpractices
The ongoing storm over Google's collection of private WiFi data doesn't seems to be ending anytime soon. It all started when German authorities asked Google to audit the WiFi data collected by Google's Street View cars and Google responded to this by re-examining the collected data. The re-examinati ...
Posted 25 June 2010 by Ajay Gupta
tags: Wireless Security , WiFi , WEP , WPA/WPA2
0
comments
Proposed cybersecurity bill: stop calling it a “Kill Switch”
Unless I am mistaken – and not being a lawyer, this is a distinct possibility – but the cybersecurity bill proposed in the senate earlier this month does nothing to create a so-called “kill switch” for the internet, one that would allow the president to disable the entire int ...
Posted 22 June 2010 by Drew Amorosi
tags: cybersecurity , public sector , public policy , cyberattack
0
comments
Who's On First?
It’s hard not to love Abbott and Costello. The“Who’s on first” routine has become a staple of Americana even for foreign transplants like me. But if figuring out the identity of who is on second base (no, wait, that’s What on second, right?) is so hard when we’re ...
Posted 18 June 2010 by Geoff Webb
tags: Security , Active Directory , Group Policy
0
comments
The Importance of International Collaboration –Even in Exercises
One of the biggest challenges in Critical Infrastructure Protection or Incident Response is collaboration. Collaboration between the public and the private sector as the private sector is most often running the critical infrastructure; collaboration between different governments as well, as incident ...
Posted 16 June 2010 by Roger Halbheer
tags: Critical Infrastructure Protection
0
comments
Should the Government be able to enforce security updates?
This is actually an interesting question. A lot of governments enforce rules and regulations on how you have to run your car, how often you have to check it, in which condition you have to keep your tires, etc. The same is true for a lot of other devices we are using. Now, it seems that the US just ...
Posted 12 June 2010 by Roger Halbheer
tags: Legislation , Cybersecurity
0
comments
New Email Phish Targets Twitter Users, Abuses Google Groups
A new twitter spam campaign is making rounds, infecting users with rogue anti-virus malware. The spam mail attempts to convince the user that someone was trying to steal their Twitter account information, and to download a “secure module” to protect their account. The email that begi ...
Posted 08 June 2010 by Patrick Walsh
tags: twitter , malware , virus , compromised sites
0
comments
135 000 Fake YouTube Pages Delivering Malware
The eSoft Threat Prevention Team has uncovered thousands compromised web servers hosting fake YouTube pages. Attempting to play the video on these fake pages prompts the user to install a ‘media codec’ which then infects the machine with malware. The fake YouTube pages are well ...
Posted 07 June 2010 by Patrick Walsh
tags: compromised websites , youtube , malware , virus
2
comments
Security, Cloud and a Little Pixie Dust
When Peter Pan is trying to convince Wendy to fly, he tells her all she needs is “Faith, trust, and a little Pixie dust.”  Which, to be fair, appeared to work for the lost boys.  In this piece published here on Infosecurity, it sounds a bit like Microsoft is advancing the same ...
Posted 01 June 2010 by Geoff Webb
tags: not tagged.
0
comments
Hacking the human body
Years ago I was sitting in a healthcare event, when a researcher was talking (very excited) about the idea of having a pacemaker with Bluetooth access to fine-tune the system and read information from the sensors. Even though this might medically be a great idea, I would be fairly reluctant having s ...
Posted 27 May 2010 by Roger Halbheer
tags: not tagged.
0
comments
Identity in the Cloud
Kim Cameron, one of our key identity architects had an interesting presentation on identity in the cloud and a corresponding interview. Both are worth looking at if you are planning to move into the direction of the cloud. Especially as it is definitely one of the key challenges: This is Kim's pres ...
Posted 25 May 2010 by Roger Halbheer
tags: Cloud , Identity
1
comment
Outsourcing Insider Attack?
I know one or two other bloggers have spotted the following news piece too, notably Bruce Schneier, but it’s hard to pass up an opportunity to not only comment, but to draw some wider parallels with other market trends in IT. The BBC reported a few days ago that the good folks at Charlapally C ...
Posted 20 May 2010 by Geoff Webb
tags: Security , insider attack , sensitive data , cloud
0
comments
Phishing Scams Lure Twitter Users
The newest phishing scam on Twitter has snared thousands of users hoping to increase their number of followers.  Instead, users are sent off to a phishing page where cybercriminals steal their Twitter logins using them to generate more spam. Thousands of spam messages are floating around on ...
Posted 14 May 2010 by Patrick Walsh
tags: Phishing , Twitter , Spam
2
comments
HITECH, breaches, and a little sunlight
A good article in InfoSecurity on May 5th on the HITECH act got me thinking (as good articles should) about health records, security, and well, all things HIPAA-ish. I certainly agree with much of what was said, and I think it’s clear that the pressure is ramping up rapidly to not only comply ...
Posted 13 May 2010 by Geoff Webb
tags: HITECH , PCI DSS , data breach , compliance
0
comments
Google Groups Latest Hot Spot for Rogue AV and Malware
eSoft researchers have been tracking a recent campaign abusing Google Groups to spread malicious links in Spam emails. Users following the link are infected with a Downloader Trojan, silently infecting the machine with various types of malware including Rogue Anti-Virus. The scam starts with an e ...
Posted 12 May 2010 by Patrick Walsh
tags: spam , virus , malware , compromised sites
0
comments
Looking back at Infosecurity Europe 2010
Late April was highlighted by my first trip to Infosecurity Europe in London. While I understand that this event received its fair share of criticism in the press for being past its prime, there were certainly aspects of the conference that made it worthwhile to attend. (In all fairness, I must disc ...
Posted 10 May 2010 by Drew Amorosi
tags: cybersecurity , Infosecurity Europe
0
comments
Pharma-Fraud Continues to Dominate Spam
Have you taken a look inside your Spam folder recently?  Without a doubt you’ll find the folder full of pharmacy Spam, pitching everything from Cialis and Viagra to Vicodin and Hydrocodone.  The problem is almost none of the linked web sites are legitimate certified pharmacies. Ph ...
Posted 22 April 2010 by Patrick Walsh
tags: pharma-fraud , spam , fraud
0
comments
A Detailed Analysis of an Attack – Do We Need an International Incident Sharing Database?
I recently came across a paper called Shadows in the Cloud, which is actually a follow-up report of Tracking GhostNet: Investigating a Cyber Espionage Network, an investigation of the attacks on the office of the Dalai Lama and some governmental bodies. The report is written by two bodies who had th ...
Posted 21 April 2010 by Roger Halbheer
tags: Cybercrime
0
comments
Tiger Woods (Searches) Not to Be Trusted
Tiger Woods’ personal life and marital affairs have attracted constant attention from the press and has certainly damaged his public reputation.  With his return to the Masters, Nike has released a new commercial in an effort to rebuild Woods’ image.  This compelling commer ...
Posted 08 April 2010 by Patrick Walsh
tags: malware , blackhat seo , pagerank bomb , rogue av
0
comments
Affiliate Programs Rising Cause of Fraud and Abuse
What happens when you offer up money to anyone who can drive traffic to your website? Hackers, scammers, spammers and fraudsters come to your aid. That’s the case with online movie site zml.com, which offers 30% of each sale and 5% of rebills paid via anonymous means to anyone who re ...
Posted 05 April 2010 by Patrick Walsh
tags: web security , spam , affiliate , abuse
0
comments
Council of Europe – Octopus Conference (Cooperation against Cybercrime) – Key Messages
I blogged on Day 1 and Day 2 but as I expected, I was unable to blog yesterday on the conference. However, let me just briefly give you my impression of the final day: The core part of this last day was a whole block on Cloud Computing. There were different presentations on the subject and then a p ...
Posted 26 March 2010 by Roger Halbheer
tags: not tagged.
0
comments
Council of Europe: We need ONE Cybercrime Convention
As you saw from previous posts, I am at the Octopus Conference on Cooperation against Cybercrime at the moment. We had yesterday the Deputy Secretary General of the Council of Europe and one of her key statements was that different bodies (like the Council of Europe, UN etc.) should not compete. The ...
Posted 24 March 2010 by Roger Halbheer
tags: Legislation , Cybercrime
0
comments
Council of Europe – Octopus Conference (Cooperation against Cybercrime) Day 1
A few years ago, the Budapest Convention on Cybercrime was signed within the Council of Europe. Since then it was ratified all across the globe by a lot of countries or at least used as the base for legislation. The Council of Europe is organising a conference on Cooperation against Cybercrime, call ...
Posted 23 March 2010 by Roger Halbheer
tags: Cybercrime
0
comments
Cinderella Story Leads to March Madness Malware
The first week of March Madness has brought about many compelling stories, with a good deal of upsets and bracket busters. The most newsworthy of these has been the University of Northern Iowa’s ousting of #1 overall seed Kansas. This ‘Cinderella’ story has deservedly gotten a grea ...
Posted 22 March 2010 by Patrick Walsh
tags: blackhat seo , malware , rogue av
0
comments
Virus Alert! Twitter, Google, Hallmark and Others Subject To Attack
The eSoft Threat Prevention Team is warning customers today of a new email scam circulating very quickly.  These fraudulent emails claim to be from Google Staffing, Hallmark, Twitter as well as other social networks and legitimate businesses. The email persuades the user to open the attached ...
Posted 05 March 2010 by Patrick Walsh
tags: virus , bot , spam
0
comments
Making the Management of Security Compliance Easier!
As you all know, I have two main pet themes: Risk Management and Compliance Management as I see very often that there is room for improvement when it comes to such processes within our customers. Internally, we often think about how we can make it easier for our customers to manage compliance in the ...
Posted 18 February 2010 by Roger Halbheer
tags: Compliance , Policy
0
comments
Hotmail Users Look for Answers in Dangerous Places
An outage of the Windows Live ID service affected a large number of MSN users today, including users of the popular Hotmail email service. Hotmail is one of the largest web-based email outlets and not surprisingly news of the outage spread quickly as users were not able to access their email. Th ...
Posted 17 February 2010 by Patrick Walsh
tags: Blackhat SEO , PageRank Bomb , Rogue AV , Fake AV , Rogue Anti-Virus
0
comments
IRS Tax Avoidance Scam
Today, eSoft is alerting customers to a new targeted email scam. This newest twist to the common IRS email scam seems to be targeted to organizations, notifying the recipient of a tax evasion complaint being filed against the company. Opening the file infects the user's machine with dangerous t ...
Posted 08 February 2010 by Patrick Walsh
tags: Fraud , Virus , Malware , Scam
0
comments
Fake Firefox Update Pages Push Adware
Since its’ release on January 21st, the newest version of the Firefox web browser has received a great deal of attention. In just a short time it has achieved over 30 million downloads. Adware pushers are capitalizing on the success of Firefox, packing ad serving software in with the prog ...
Posted 03 February 2010 by Patrick Walsh
tags: firefox , adware , web security
0
comments
SPAM! Well, it's finally caught up with me - as confirmed by the research
I have lots of email addresses, but there's one that I use as the main catch all one, it’s the one I usually give to most people, and it's the one account I like to clean and clear out regularly. Because it is the most publicised one of all my many accounts, it's the only one that I receive SP ...
Posted 02 February 2010 by Sarb Sembhi
tags: not tagged.
0
comments
I've been hacked - Give me back my money
I recently read a story where a business bank customer had $800K stolen from her business account, and although the bank has been able to recover $600K, there is still the outstanding $200K. The customer is claiming that the bank lacked good security, and the bank is claiming that it had good securi ...
Posted 02 February 2010 by Sarb Sembhi
tags: not tagged.
0
comments
Super Bowl associations: football, nachos, big screens and … malware?
The Super Bowl is the one of the biggest and most watched television events of the year in the United States. People everywhere scour the internet looking for predictions, gambling spreads and news before the event and scores, stories and clips after the event. In anticipation of the increased ...
Posted 19 January 2010 by Patrick Walsh
tags: Blackhat SEO , PageRank Bomb , Web Security , Rogue AV , Google Search
0
comments
Lack of Egress Filtering Spurs Success of Injected IFrame Attack
The security community at large and the eSoft Threat Prevention Team have recently noticed an uptick in sites compromised by a new injection attack that results in an injected iframe. This attack can be recognised by its attempts to masquerade the malicious script as GNU, GPL or LGPL.  GPL and ...
Posted 18 January 2010 by Patrick Walsh
tags: Web Security , Injection Attack
0
comments
MTaS: Malware Testing as a Service
Well, in my last post I wrote about the prices for malware. Today I read the next evolution of this: The possibility of having malware tested against anti-malware tools – not to make sure malware is really recognised, no, the other way round: To make sure it is not recognised. I read this art ...
Posted 05 January 2010 by Roger Halbheer
tags: not tagged.
0
comments
The Cybercriminal’s Wish List
I know that Christmas is over and I know how my kids actually compile a Wish List: They take most of the ads (which are targeted to them) and glue them onto a piece of paper for mum and dad to make sure that everything can be found under the Christmas tree… I guess you know the drill. If you ...
Posted 01 January 2010 by Roger Halbheer
tags: not tagged.
0
comments
Live.com Exploited as Pharma-Fraud Cover
The FDA crackdown on online pharmacy sites has driven a lot of attention to illegal and fraudulent online pharmacies and in particular to their methods for tricking people to visit their sites. These practices include prolific spam and search engine poisoning. eSoft’s Threat Prevention Team h ...
Posted 23 December 2009 by Patrick Walsh
tags: Spam , Fraud , Pharma-Fraud
0
comments
Boeing 787 searches hijacked by rogue anti-virus
Today, the Boeing 787 Dreamliner jet completed its much awaited first flight. As users searched to find videos and news articles related to the story, blackhats quickly moved in for yet another attack against Google search results. The most popular search for several hours today was “787 fi ...
Posted 16 December 2009 by Patrick Walsh
tags: Web Security , Rogue AV , Google Search , Blackhat SEO
0
comments
Beware of MySpace JPG File Downloader - GTALK Messenger Infection
The malware infection attack surface is increasing day by day. Recently, some of the infected machines with different malware classes such as file downloader are using GTALK for downloading JPG based files from the internet. Actually this file is not a JPG file but a zipped file that contains an ex ...
Posted 15 December 2009 by Aditya K Sood
tags: Malware , Messenger
0
comments
CIO required - security background essential
Normal 0 false false false EN-GB X-NONE X-NONE ...
Posted 11 December 2009 by Sarb Sembhi
tags: programming background , security professionals , security background , CIO
0
comments
Dedicated Spamming - NING House of Hackers Network
The internet world has become a playground for spammers. Every day there is a new attack pattern. You will find one or another social networking website facing this problem. The reason for this trend is the centralised working of these websites. The interconnection among identities have helped the s ...
Posted 11 December 2009 by Aditya K Sood
tags: WEB , Spamming , Ning , hackers , spam
0
comments
Get Safe Online: Don’t be a Money Mule
You know, there are people who blog late, there are people who blog very late and then there is me… I actually missed that one even though I was triggered: Mid November there was the Get Safe Online Week 2009 in the UK. Usually they do really good stuff and this is the reason I usually blog ...
Posted 04 December 2009 by Roger Halbheer
tags: Consumer
0
comments
Reverse Honey Traps - Beating Online Anti-virus Engine in its Own Game
The web is ever changing arena. Online anti-virus engines provide a diversified functioning of analysing a malware executable thereby providing efficient analysis. This is an online democracy of anti-virus engines. But every positive entity can be transformed into a playground and players can be be ...
Posted 25 November 2009 by Aditya K Sood
tags: Antivirus , Honeytraps , Web
0
comments
Blackhats Unleash Fake Blog Campaign Spreading Rogue AV
In September, eSoft reported as many as 720,000 compromised sites hosting fake blog pages and being used to distribute rogue anti-virus programmes. Many of these sites are still active and continue to plague searches with malicious results. Earlier today, Cyveillance issued this report of a nearl ...
Posted 18 November 2009 by Patrick Walsh
tags: web security , compromised sites , rogue AV , malware
0
comments
CoolerEmail Hit by Phishing Scam
CoolerEmail is notifying customers of a new phishing scam used to steal login credentials. The web based email marketing programme carries an impressive client list including Walmart, Toyota, Pepsi and dozens of other big name brands. Any phished credentials can be used to impersonate these companie ...
Posted 13 November 2009 by Patrick Walsh
tags: Phishing , Web Security
1
comment
Ten Computer Hacks In The Movies
Some of the most successful blockbuster films released in the last two decades have been themed on the potential destruction that computer hackers can cause. Here are some of Hollywoods top hacking themed movies. Swordfish A secretive renegade counter-terrorist co-opts the world's greatest hac ...
Posted 29 October 2009 by Slack Alice
tags: movie computer hackers , hacks in the movies , hacking in films
0
comments
Compromised Web Servers Host Koobface Malware Cocktail
The Koobface gang has struck again using compromised web servers to deliver a potent mix of malware. eSoft threat researchers have found hundreds of newly exploited sites hosting malware which includes downloaders, keyloggers and multiple variants of the Koobface worm. Attackers using compromised ...
Posted 21 October 2009 by Patrick Walsh
tags: Web Security , Koobface , Social Networking , Social Engineering , Compromised Sites
0
comments
Unresolved Compromised Fox Sports Host Heading Into Third Week
eSoft first detected a compromise on the Fox Sports website two weeks ago and as of today, at least one Fox Sports host continues to contain automatic links to a multitude of dangerous exploits.  Even with media coverage and direct emails, this compromised host has not be taken offline or clean ...
Posted 17 October 2009 by Patrick Walsh
tags: Compromised Sites
0
comments
AJAX-JSON - Inside Crux
The development is occurring at a rapid pace. The innovation is going on. The web is transitioning from the web 1.0 to web 2.0. The implementation structures of various technologies have changed. The Web 2.0 has revolutionized the web in a stringent manner from all the perspectives. The Asynchronous ...
Posted 13 October 2009 by Aditya K Sood
tags: AJAX , JSON , Web 2.0
0
comments
Recapping the Fox Sports Website Compromise
On October 2nd eSoft published a blog warning visitors of the Fox Sports website about compromised pages with the potential to serve malicious software. To date, the threat remains on their website despite direct warnings to Fox Sports webmasters and domain contacts of the infection. This website ...
Posted 09 October 2009 by Patrick Walsh
tags: Compromised Sites , Web Security
3
comments
Web 2.0 – Truth and Lies in AJAX World
Web 2.0 has metamorphosed the complete scenario of internet. In the AJAX world, most of the working functionality is derived by efficient technology methods and ingrained software dependency. In order to scratch deep down the bottom the differential aspect of this technology must be understood. The ...
Posted 08 October 2009 by Aditya K Sood
tags: AJAX , JSON , WEB 2.0
0
comments
The Africa Cable – A Chance for Africa! – A Threat for the Internet?
The development in Africa especially with the new broadband services to me is a huge chance for the whole continent. I just found a map (Image 1) on the next two years. Even though I have not been in Africa over the last few months, I heard that in different cities fiber is brought directly to the ...
Posted 07 October 2009 by Roger Halbheer
tags: Trends , Broadband
1
comment
Why Linux servers are more secure than Windows
The Linux/Windows debate is an oldie but a goodie, and there have been many long threads on most computer related forums discussing their relative merits. Linux is free, open-source and community based. Windows is expensive, professionally developed and has effectively held a monopoly over the sof ...
Posted 06 October 2009 by Slack Alice
tags: linux , it security , microsoft windows , servers
0
comments
Your password isn't safe - take this simple test to find out how many minutes it would take to crack
There's a well-known saying in information security that the weakest part of any computer system is the person using it. One area where this becomes abundantly clear is in the use of passwords. Allowing users to choose their own passwords can be fatal, with most people not having the first clue abou ...
Posted 06 October 2009 by Slack Alice
tags: online security , passwords , hacking
0
comments
When hacking is legal
The Merriam-Webster dictionary gives two different definitions of “hacker” related to computer security. A hacker is either “an expert at programming and solving problems with a computer” or “a person who illegally gains access to and sometimes tampers with information ...
Posted 06 October 2009 by Slack Alice
tags: hacking
0
comments
Why retina scanning works better for James Bond than it ever would for us
Since the late 80s retinal scanning has been featured in a whole bevy of sci-fi and action films. It's been the security system of choice for some of the silver screen's top spies: James Bond used it in GoldenEye and Ethan Hunt in the Mission Impossible movies. As a result, whilst retinal scanning m ...
Posted 06 October 2009 by Slack Alice
tags: retina scanning , james bond
0
comments
Which famous Twitter accounts have been hacked?
Early in 2009, Twitter suffered two major security lapses. Once when a wave of highly successful phishing campaigns were successful in obtaining a lot of Twitter passwords, and then again when an 18 year old hacker and student of computer games development brute-force'd an administrator account. In ...
Posted 05 October 2009 by Slack Alice
tags: twitter , hacking , barack obama
0
comments
Thoughts on the registered traveler programmes at airports
When I entered the US this time, I got a brochure on how I could avoid the line at immigration and just get a fast track by registering with the Global Entry Program, a programme, which would pre-screen me and then I just have to register with a machine by entering the US. As I understand, this is a ...
Posted 30 September 2009 by Roger Halbheer
tags: Privacy , Processes
0
comments
Hey, You, Get Off of My Cloud
I recently had different discussions with different customers and we were looking into the key questions to ask, when you plan to move to the cloud (yes, I am working on a corresponding blog post). I was then asked whether we have an answer to these questions – well no. For sure not for a ...
Posted 27 September 2009 by Roger Halbheer
tags: Cloud Computing
0
comments
Why it pays to be secure - Chapter 2 - Vulnerabilities
The Microsoft Security Intelligence Report (SIR) provides an in-depth perspective on the changing threat landscape including software vulnerability disclosures and exploits, malicious software (malware), and potentially unwanted software. http://www.microsoft.com/security/portal/sir.aspx Updatin ...
Posted 23 September 2009 by Roger Halbheer
tags: Business Value
0
comments
Moving to the Cloud: Where it worked and where I was challenged
I am running a whole environment at home to experience our technology. However, up to now it was all “on premise”, no Cloud integration. This has to change. Therefore I was more than happy to join our internal  Hosted Exchange 14 beta program. We are offering the hosted Exchange pro ...
Posted 21 September 2009 by Roger Halbheer
tags: Cloud Computing
0
comments
Microsoft SDL Team Releases New Security Testing Tools
I often mention that we try to give you all the tools we have as long as it makes sense form a risk perspective. The risk perspective is a simple one: If we give it to you as our customer, we give it as well to the criminals. There are two new tools which just made the bar and which are now release ...
Posted 16 September 2009 by Roger Halbheer
tags: Development
3
comments
H1N1 (Swine) Flu Preparedness - Guide for Critical Infrastructure and Key Resources
This morning I stumbled across a guide by the US Health & Human Services with regards to H1N1. Even though it did not catch much news lately I am not sure whether it is really over. Staying prepared it definitely not a bad thing. Even though it is US-centric, you should probably look into it: ht ...
Posted 16 September 2009 by Roger Halbheer
tags: Incident Response
0
comments
French mobile data, VPNs and email
Just got back from a 10-day holiday in Paris, which was great, apart from the fact that, as many IT professionals will understand, you still need to stay on top of your email. I could have taken my trusty Blackberry, but since my journalist's job involves a lot of web surfing, I really needed a not ...
Posted 14 September 2009 by Steve Gold
tags: BUSINESS VALUE , AUTHENTICATION , VPN
0
comments
Why it pays to be secure - Chapter 1 - Data Breaches
In my first post here, I opened the field for a series on “Why it pays to be secure”. As I told you there, Henk van Roest, our Security Support Program Manager in EMEA kicked this off for internal training. Let’s return to the theme of deploying security updates once more, we need ...
Posted 14 September 2009 by Roger Halbheer
tags: Compliance , Policies , Business Value , Processes
0
comments
Why it pays to be secure
You might all know that feeling: You need money to finance security activities and you are asked why this money shall be invested. And then we start to argue that if we do not do it – bad things happen. These are questions that myself and our support get often. That was the reason why we start ...
Posted 11 September 2009 by Roger Halbheer
tags: Processes , Policies , Business Value , Compliance
View the RSS feed for this blog »
Copyright © 2010
Elsevier Ltd. All rights reserved.
Terms & Conditions | Privacy | Website Design Working with water