When To Choose: Preventive VS Reactive Security
Information security is an area of IT that can have an extremely varied budget based on the parent organizations' belief of whether or not they'll be hacked. It's a mentality that seems silly if you've been in the infosec biz for a while because you most likely have realized by now that everyone gets hacked or has a data breach at some point.
Insiders Not The Real Database Threat
The recent incident where an HSBC employee raided a corporate database of customer information and then attempted to sell information to French tax collectors has been characterized as a user-access control issue. But I don't agree.
A Russian Strategist's Take On Information Warfare
Today I'd like to introduce you to one of the main thinkers on information warfare, whom most of you have never heard of: S.P. Rastorguev (Расторгуев C.П.). He is a Russian strategist who unfortunately, as far as I can find, hasn't been translated.
How Safari Hacker Finds Bugs
Multiple vulnerabilities in the mainstream browsers and other widely installed software came to light at the CanSecWest conference in Vancouver.
Automated Web Scanners Bring The Noise
One fish, two fish, red fish, skipfish...huh? That was my initial thought. Skipfish is definitely an interesting name for a Web application security scanner. It sounds like it came straight out of a Dr. Seuss book, but instead it's an awesome new tool from Michal Zalewski and Google.
DIY Whitelisting
I've received several good questions about Microsoft software restriction policies. It's one of those features included in Windows that most people seem to have heard of once, but can't recall where and don't remember what it does. One of the e-mail messages asked about how to know which files are good.
Personal Panic-Button Apps Land On Mobile Phones
Personal security apps for mobile phones are here, and famed criminal profiler and frequent NBC/MSNBC guest commentator Clinton Van Zandt is getting into the act. Van Zandt is now featuring on his LiveSecure.org Website, among other personal security products, a silent panic-button app for smartphones. Separately, a new start-up called SafeKidZone is also about to launch a new panic-button app and service for kids' mobile phones.
So Long, And No Thanks: Why User Education Fails
In "So Long, And No Thanks for the Externalities: The Rational Rejection of Security Advice by Users," Cormac Herley of Microsoft Research tries to answer why users don't respond to security advice.
Drive Imaging Using Software Write Blocking
In my last blog, I detailed several methods for imaging hard drives using hardware and software-based tools. To finish the discussion, today I want to get into software-based write-blocking tools that can be used when hardware options are not available, the drives are not supported, or the situation requires the system to be imaged while online.
Database Dangers In The Cloud
Moving to a cloud-based database and virtual environment comes with plenty of benefits, but there's also a potential price to pay for security.
Using Hard-Drive Imaging In Forensics
A client recently asked me about adding hard drive imaging into its standard incident response process. Because most of the incidents the client deals with are related to malware infections, its current process is to make sure the user's data is backed up before wiping the hard drive and installing a fresh version of the operating system -- a solid process, but it could use some improvements to deal with modern malware.
It's Time For Personal 'OnStar'-Like Security
I recently saw a story about a young child who, upon being confronted by armed robbers in his home, had the presence of mind to lock himself in a bathroom with his younger sister and call 911. Doing so likely saved the lives of everyone in the house. Because this outcome is unusual, I think it's time we looked at personal security more closely.
Challenge Yourself To Be Better
If you've been in the information security field for more than six months, then you know it's vital to stay on top of the latest threats, tools, and news to be effective at your job. That's why many of us love the field so much--it's always changing. And it challenges us.
Cyberwarfare: Play Offense Or Defense?
One of the key differences in military theory between Internet warfare and kinetic warfare is whether defense or offense is stronger. Here's a shortened version of an argument I am formulating about this matter following years of debate.
Energizer Bunny Gone Bad
Along with the usual security alerts covering the March bulletins from Microsoft and various content management systems flaws, US CERT published an unusual security alert about a product from Energizer, the battery company.
New Analysis Tools For Windows Memory
Last week I looked at some creative uses of log analysis for detecting malware, and ways to acquire Windows physical memory for analysis. What I've seen time and time again is where those in charge of security don't even bother to log information from their systems and applications, leading them to a much larger incident response scenario than if they could detect it sooner.
Facebook As A Spear-Phishing Tool
My company Secure Network has been performing a variety of penetration tests that leverage information derived from sites such as MySpace and Facebook.
Social Networks, Data Leaks, And Operation Security
Following a Facebook update from a soldier on an upcoming operation, the Israeli Defense Forces (IDF) canceled an operation into the West Bank, illustrating how the connected world makes maintaining operational security (OPSEC) all the more difficult.
Creative Approaches To Malware Detection
Cyberwar and advanced persistent threats (APT) are fun terms thrown around a lot lately. Everyone seems to have their own slightly varied opinion on what they each mean. Personally, I don't care all that much what the different nuances of each are as long as I can understand the associated threats and deal with them appropriately.