Security Lessons From Couple's White House Hijinks
Commentary | 11/30/2009 | Even the most stringent security procedures have failures. That fact was evident when the U.S. Secret Service learned a Virginia couple slipped into last week's state dinner at the White House.
Kudos To F-Response's New IR Tool For Ease Of Use
Commentary | 11/25/2009 | F-Response TACTICAL will be released on Thanksgiving Day, with the promise of a plug-and-play ease to help cyber investigators quickly get the evidence they need from live systems.
New Tool For Centralizing Windows Logs
Commentary | 11/23/2009 | Microsoft has always overlooked centralized logging in Windows. To date, the most effective way to centralize Windows Event Logs has been through event log to syslog tools and custom agents for the various SIEM solutions. But now there's a new kid on the block with a full-featured agent that goes beyond what's previously been offered for free.
Narrowing The Compromise-To-Discovery Breach Time Line
Commentary | 11/20/2009 | Security professionals are intrigued by the fact that for approximately half of the data breach cases Verizon Business works, the victim doesn't realize there's a problem until more than six months after the incident occurred. Another stunning fact: More than two-thirds of incidents we work are discovered by a third party.
Two Ways To Encrypt Your Database
Commentary | 11/20/2009 | File/operating system-level encryption is actually implemented outside the database engine -- but it's still a form of database encryption. And it's referred to as "transparent" encryption because it doesn't require any changes to the database or to the calling application.
Push-Button Forensics
Commentary | 11/18/2009 | Digital forensics, computer forensics, or whatever you want to call the investigation and analysis of computer systems and digital media, is a challenging field that requires deep knowledge of the systems being analyzed. There is a push, however, to lower the barrier to entry for lesser skilled analysts to perform digital forensics using modern forensic tools.
NSA Iraqi Computer Attacks And U.S. Defense
Commentary | 11/18/2009 | A National Journal Magazine article called "The Cyberwar Plan" has been making waves the last few days in our circles -- it's about how cell phone and computer attacks were supposedly used against Iraqi insurgents by the National Security Agency (NSA). Its significance is far more than just what's on the surface, however.
How To Hack A Brazilian Power Company
Commentary | 11/17/2009 | The recent "60 Minutes" story claiming hackers had caused power outages in Brazil was (likely) bogus, but that doesn't mean hackers can't do this. The story got widespread coverage in the Brazilian press, which meant hackers there were suddenly interested in the subject. And just days later, chatter appeared on Brazilian hacker Websites expressing interest in ONS, the Website of Brazil's national power grid operator.
There's More To Pen Tests Than Just Breaking In
Commentary | 11/16/2009 | I have a love/hate relationship with Twitter. Sometimes it seems like there's nothing but garbage on there. But on other days, the wealth of information is so much better than what's in my RSS reader.
Never Underestimate The Power Of A Botnet
Commentary | 11/14/2009 | A deputy director at the Office of Cyber Security in the Cabinet Office in the U.K. said in a recent Home Affairs Committee meeting that botnets are not a big risk for debilitating attacks against the government's networks, but are more likely to be used as a tool to extort money.
Knowing When To Call In Reinforcements
Commentary | 11/13/2009 | Knowing when you're in over your head is important. In the world of the IT security professional, it is especially critical given your knowledge and experience will determine your actions and influence your reports to management. Those reports will, in turn, impact their decisions (or at least they should).
A Peek At Transparent Database Encryption
Commentary | 11/13/2009 | There are several different ways to encrypt data stored within databases -- some residing inside the database, others outside. You can encrypt data programmatically at the application layer or at the database layer, and automatically by the OS/file system or by the database engine itself. Each has a slightly different use case, with differing degrees of data security, complexity, and impact on performance.
Stopping Insider Attacks
Commentary | 11/12/2009 | There is no single thing you can do to prevent an attack from the inside. The concept of defense-in-depth applies here as it does to all areas of security. No single solution is going to make you secure. Only by putting many defense measures together will you be secure, and those measures must encompass both preventive and detective measures.
Measuring Insider Risk
Commentary | 11/11/2009 | The key thing to remember when dealing with insiders is they have access and, in most cases, will exploit the weakest link that gives them the greatest chance of access, while minimizing the chances that they get caught. Why try to break through a firewall and gain access to a system with a private address when you can find someone behind the firewall with full access to the system?
Conficker's Next Move
Commentary | 11/11/2009 | I recently attended a presentation about the current state of the Conficker worm, delivered by Felix Leder and Tillman Werner, two German security researchers from the University of Bonn.
Partially Spilled COFEE
Commentary | 11/10/2009 | It turns out the version of COFEE (Computer Online Forensic Evidence Extractor) posted to BitTorrent sites is incomplete: It contains only 45 commands, whereas Microsoft claims the tool executes more than 150 commands. It grabs neither browser history nor password hashes. It runs only built-in Windows commands, sysinternals tools, and resource kit tools.
Cell-Level Encryption
Commentary | 11/10/2009 | A friend of mine was wondering why cell-level encryption isn't used often in databases. What would seem to be a fast and efficient approach to data security actually requires a complex implementation. Cell-level encryption stands in stark contrast to commonly adopted transparent forms of database encryption, and helps us identify hidden costs and complexity.
USB-Based Incident Response Tools
Last month's "Using USBs For Incident Response" blog garnered a lot of e-mail responses asking about what tools are available, free or commercial, and how easy they were to use. While there isn't an "EASY" button that makes incident response and digital forensics easy for the layperson, there are tools that enable first responders to arrive on scene, pop a USB flash drive (or hard drive), grab volati
Insider Threat Reality Check
Organizations tend to think once they hire an employee or a contractor, that person is now part of a trusted group of people. Although an organization might give an employee additional access that an ordinary person would not have, why should it trust that person?
WiFi = Mobile Phone
Traditionally, we've thought of WiFi as the way we connect to the Internet from our notebook computers. This is rapidly changing, with definite implications for security pros.
A Tool For Investigating Suspicious Activity
Dealing with malware-infected computer systems can be time-consuming. If the compromised system has sensitive information, then often digital forensics will be employed to see whether the data was or could have been accessed by the malware. With the hit-or-miss performance of antivirus solutions and craftiness of malware authors, determining whether a computer system is infected is getting harder.
What DAM Does
Database activity monitoring (DAM) tools have a range of capabilities, including data collection and analysis. But the real question is: How does this technology help you?
Fundamental Failures With Incident Response Plans
I recently got back from a sizable IT security conference in London. As I've experienced countless times at shows, everyone was most intrigued by the war stories about organizations that were victims of a data breach. Security folks have an innate desire to learn what happened to others so they can prevent encountering the same fate -- or so they say. However, after personally investigating hundreds of data breaches for my clients, there seem to be a number of recurring themes that nobody seems
Fighting The Fear Factor
It's hard work being prey. Watch the birds at a feeder. They're constantly on alert, and will fly away from food -- from easy nutrition -- at the slightest movement or sound. Given that I've never, ever seen a bird plucked from a feeder by a predator, it seems like a whole lot of wasted effort against not very big a threat.
Hacking Is A Way Of Life
We've heard the stories and seen the statistics about insider attacks and how devastating they are to enterprises and their data. However, we've heard little about the underlying causes for many of the insider attacks other than it's the user's fault and the incident could have been avoided if proper precautions were in place. A recent article over at CSO Online sheds light on one of the causes and how it's due in large part to a generation gap and a need to stay connected.