Anthony founded Information-Security-Resources.com.
ISR is recognized as one of the leading publications on security issues related to the handling of sensitive data, including IT security best practices, regulatory compliance, and privacy issues, and is ranked well inside the top 1% of all websites.
ISR is the exclusive news content provider for the Internet Security Alliance, the leading cyber security think tank and trade lobby which works closely with the United States Congress and the
What I'm Reading
Everything...
Subjects I'd Like to Learn More About
Anything...
An Interesting Fact
My great uncle was a wing-walker and performed the first successful plane to plane midair transfer (jump), as well as being an early parachute tester, pilot of a wingless plane, then held first helicopter mechanics license ever issued - Bell Helicopters, 1946. His name was Danny Grecco of Portland, Oregon (b. Calabria, Italy).
By Robert Siciliano, Identity Theft Expert
Mules are relatively unaware people who get hooked into a “small business” or employment that is a function of a criminal enterprise.
The mules often respond to “help wanted” ads from online job placement sites.
Shipping scams are a common tactic criminals use in which they employ mules to receive goods bought with stolen credit card numbers, who then ship to people who buy them in online auctions.
The mules in this process are essentially facilit... Read Full Story
By Christopher Burgess, Senior Security Adviser
End users tuning you out? Here’s a three-step process for taking human factors into account in your security program (and even using them to your advantage).
Let us begin with the premise that security policies exist to protect an entity’s assets as it pursues the normal conduct of business.
To ensure that those policies are effective, security professionals must first understand the social elements, including cultural and generation... Read Full Story
By Bozidar Spirovski, CISSP, MCSA, MCP
When investigating an intrusion in a Windows system, one of the first places to start is the Windows security log.
Security event log is also very useful for analysis when searching for anomalies and possible intrusions.
Reading through a Windows security log or any other log can be very difficult and time consuming, so a lot of companies have created their own tools to analyze windows event logs.
But before you start going commercial, there is a tool t... Read Full Story
By Robert Siciliano, Identity Theft Expert
After the Vegas DEFCON ATM debacle where hackers hacked hackers by setting up a fake ATM in front of the facilities security office, I needed to see how stupid easy it was to buy and ATM and just set it up anywhere. So my search began.
I started looking on E-bay and found plenty of new and used ATMs ranging from $500-2500 but quickly determined I didn’t want to pay $300 for shipping.
Next was Craigslist, where anyone can rent out an apartment, buy a... Read Full Story
By Anthony M. Freed, Information-Security-Resources.com Managing Editor
Internet Security Alliance President Larry Clinton joined several other prominent information security advocates to provide testimony before the Senate Judiciary Subcommittee on Terrorism and Homeland Security Tuesday.
Entitled Cybersecurity: Preventing Terrorist Attacks and Protecting Privacy in Cyberspace, the hearings are one of several held this year by various Senate and House committees who over see everything from ... Read Full Story
By Anthony M. Freed, Information-Security-Resources.com Managing Editor
An innovative new investor analytic tool made its public debut today, and it offers an exciting look at what may well be the future of online trading for both market experts and arm-chair analysts alike.
Trefis, named for its focus on trends, forecasts, and insights, is revolutionary in its forward-looking approach to stock analysis which, incorporates a more intuitive look at the relationship between a company’s p... Read Full Story
Coby Royer, Technical Product Manager for Symplified
Does SaaS Diminish the Need for Enterprise Architecture? This is a good question, but we have to understand what is meant by Enterprise Architecture (EA).
It is generally accepted to be a discipline and sometimes that strategically aligns an organization to its technology and business goals.
Activities such as Enterprise Architecture Planning (EAP) serve this need and are essential to IT Governance. Other activities relate to the applicat... Read Full Story
BY Mel Duvall, Chief Content Officer at CIOZone
IBM made a series of moves on the business intelligence and analytics front the other week, including launching a new mashup service for its Cognos 8 software.
IBM has made analytics one of its focal points this year as companies continue to invest in the technology despite cutting back on other fronts.
At the company’s Information on Demand conference in Las Vegas, IBM outlined a series of new products and services.
It includes tools to ... Read Full Story
By Michael O’Connor, President of IronClad Consulting
I recently studied one of the many procurement fraud cases (US v. Khan) associated with the LOGCAP III contract, and came away with mixed feelings.
On the one hand, I saw groups such as the relatively recently formed National Procurement Fraud Task Force (NPFTF) and Defense Contract Audit Agency (DCAA) perform in stellar fashion.
On the other hand, the Army, disappointingly, seems to keep a revolving door culture for vendors who have... Read Full Story
