| From : information-security-resources.com
Not yet published.
Alert: New OpenSSL Vulnerability
November 18, 2010 Added by: Brent Huston
A new security issue in OpenSSL should be on the radar of your security team. Stunnel and Apache are NOT affected, many other packages appear to be. The issue allows denial of service and possibly remote code execution. Patches for OpenSSL and packages that use it are starting to roll in…
Comments (0)
Defending Your Network: Detection versus Prevention
November 18, 2010 Added by: Robb Reck
Our... Read Full Story
| From : information-security-resources.com
Not yet published.
Windows Server 2008 Remote VPN-SSL
November 05, 2010 Added by: Mourad Ben Lakhoua
The growth in the number of mobile workers motivates small to medium companies to allow remote access to corporate resources. VPN is the first and most direct solution, as it provides the necessary level of performance and allows the employee to work in a safe and secure environment…
Comments (0)
Stuxnet Targeting Specific SCADA Configurations
November 05, 2010 Added by: Danny Lieberman... Read Full Story
| From : information-security-resources.com
Not yet published.
The Business Case for a Next-Generation SIEM
November 26, 2010 Added by: Heather Howland
In the current economic climate, organizations face the difficult task of prioritizing where to spend their limited budgets so that they emerge from these uncertain times as viable companies. Feeling this pain most acutely are those who deliver critical network services and applications…
Comments (0)
Keep Your Eyes on this Adobe Zero Day
November 01, 2010 Added by: Brent Huston
A... Read Full Story
| From : information-security-resources.com
Published to Website Security
The Law of Privacy on Social Networks
October 20, 2010 Added by: David Navetta
Relevant information stored on social networks is generally discoverable in civil litigation. This simple proposition is largely ignored by most users of social media, and has been largely ignored by lawyers doing discovery in civil litigation…
Comments (0)
On Scope Shrinkage in PCI DSS
October 20, 2010 Added by: Anton Chuvakin
People who came to PCI DSS assessments and related services... Read Full Story
| From : information-security-resources.com
Not yet published.
Typosquatting for Fun and Profit
October 19, 2010 Added by: Robert Siciliano
Typosquatting, which is also known as URL hijacking, is a form of cybersquatting that targets Internet users who accidentally type a website address into their web browser incorrectly. Typosquatting and phishing go hand in hand…
Comments (0)
Implementing Application Security in the Enterprise
October 19, 2010 Added by: Robb Reck
All leaders have seen the results of poor security in the news... Read Full Story
| From : information-security-resources.com
Not yet published.
A New Twist on Identity Theft Hits Home
October 17, 2010 Added by: Theresa Payton
The report indicates that alleged scammers hacked into Mildenhall’s email account. From there they were able to get to his personal and property documents. They sold the house and sent the cash to bank accounts in China. In the meantime, Roger Mildenhall, is half a million dollars poorer…
Comments (2)
Verecloud Hoping to Save the Telcos
October 17, 2010 Added by: Ben Kepes
Cloud... Read Full Story
| From : information-security-resources.com
Not yet published.
Seminar to Feature ISECOM’s OSSTMM v3
October 13, 2010 Added by: Anthony M. Freed
The OSSTMM is a peer-reviewed methodology for performing security tests and metrics divided into five channels: information and data controls, fraud and social engineering, computer and telecommunications networks, wireless devices, physical security access controls, and security processes…
Comments (0)
Infrastructure is Incredibly Underutilised
October 13, 2010 Added by: Rahul Neel Mani... Read Full Story
| From : information-security-resources.com
Not yet published.
When Merchants Get Rid Of Cardholder Data
October 10, 2010 Added by: PCI Guru
There appears to be this belief that once merchants get rid of cardholder data, life will be so much better and safer. But is that really what will happen? What does happen once merchants get rid of cardholder data? Do the clouds part? Is there sunshine forever?
Comments (1)
Business Associates Must Be HIPAA Compliant
October 10, 2010 Added by: Jack Anderson
In response to a question from a... Read Full Story
| From : information-security-resources.com
Not yet published.
Vulnerability Management in the Cloud
October 07, 2010 Added by: Lawrence Pingree
Cloud providers will more than likely need to provide application programming interfaces which will allow the scan engines/management consoles to read-in current asset or deployment information from the cloud and then dynamically update the IP address information before scans commence…
Comments (0)
Privacy, National Security and Internet Traffic
October 07, 2010 Added by: Theresa Payton... Read Full Story
| From : information-security-resources.com
Not yet published.
Enterprise Information Security versus Social Networking
October 05, 2010 Added by: Robb Reck
The conflict between InfoSec and social media is not going to go away. As our society grows more connected the issue will be highlighted all the more. But just as social media will not go away, neither will the need to secure our data and systems…
Comments (1)
Stuxnet, Aurora: Why AVs Fail and Why We Need Them
October 05, 2010 Added by: Pascal Longpre
Operation Aurora, which... Read Full Story
