By: Leigh Goldie
For the last few months, security breaches have been on the rise (or let’s
just say have been receiving more news coverage). We have seen countless
stories of large, popular websites being compromised by unknown, or later
identified, hackers. The quest, it seems, is to determine how easy it is to
access the personal information of customers from any popular company. The
hackers are proud of their accomplishments, as they have gained access to
tens of millions of users account information. But it seems they have a
message for corporations – encrypt your customers’ personal information.
But are companies being proactive?
When you personally work with any company – be it a bank, hospital,
university, or social media site – as a customer you are providing them
with personal information. This includes credit card numbers, account
numbers, social securi... (more)
No matter what facet of information security you're in, from being the CISO
down to just installing security patches and keeping up to date, there will
probably be a point where you need to see the details of a hack. Maybe it's
because you need to fingerprint what it does or how it acts on your network.
Maybe it's because you need to be able to reproduce it in a penetration test.
Either way you look at it, sometimes you just need to test something out.
Obviously, this could go one of a few ways. You could execute these hacks on
your network. This could lead to potentially bad out... (more)
Alternative Search Engines for the Contemporary User
by Michael Yanovich
When on the Internet, how do you find things? Many use a search engine.
Currently the most popular search engines that people flock to are Google,
Yahoo, Baidu, and Bing. As of January 2011 approximately 98% of all web
searches are done on these sites. However, there are quite a lot of other
search engines that make up the smaller 2%. Some with many features that
aren’t available from the big four. Here are a few that tend to come up
often in Internet discussions for being unique with features and results.
IPS Updates, Splunk, Check Point and You
How I Learned to Stop Hating the Term “Zero-Day” but Not Really
By: Bill Mathews
Zero Day attacks – you know, the ones that almost EVERY signature in your
IPS claim to protect you against? Yep those guys, nasty little things.
Basically, if IPS vendors are to be believed, those are the things that
don’t have a patch yet and have active exploits against them. You update
your IPS signatures and BOOM protection from zero day! The problem we always
run into, and this is with almost every IPS vendor so I’m not just picking
on Check Point here, is... (more)
By: Bill Mathews - Anyone who listens to our podcast should know that I hate
all anti-virus and anti-virus vendors. I really don’t have too many shades
of grey when it comes to it, so it’s pretty hard to make me want to do
anything regarding anti-virus technology that isn’t just recommending you
get rid of the platform that is so susceptible to it. I’ve argued (and
still argue) that even though there is clearly a malware issue with Android
phones (unless lots of folks are lying), it is not as bad as the vendors make
it out to be.
They have a whole new platform to infect…err, get ... (more)