Eternal Flame
The Eternal Flame is something you’ll probably recognize as the ever-burning fire in ancient Greece; but in fact it has deeper roots in the Middle East. The first records of such a custom are,...
#gingerthursday amidoinitrite? Album: Luci (37 photos)
Oracle Databases, a Penetration Tester’s View of Unauthorized Access to...
When penetration-testing you get to see lots of seemingly unbelievable security failures, but they’re so common that as penetration testers you’re never really surprised. We know from our Global...
Wiretapping: Feds Above The Law?
The warrantless wiretapping saga is back in the media again. This time the Feds are playing the part of troll and are thumbing their noses at laws designed to keep nonsense in check. It appears that...
KPCB’s 2012 Internet Trends report
Mary Meeker of venture capital giant Kleiner Perkins Caufield Byers just published the latest version of KPCB's Internet Trends report (PDF). Here are a few bits from its 112 pages that I found...
Friday Summary: June 1, 2012
It’s the first of June, and I’m sure most of you are thinking about vacations, if not actually on vacation at this point. I’m here holding down the fort while the rest of Securosis is visiting some...
Never Decide … Advise
As you progress higher and higher in your infosec career you’ll start to see that people stop blowing you off and actually start listening to what you say. It can be quite startling when this happens the...
Pragmatic Key Management- Understanding Data Encryption Systems
One of the common problems when working with encryption is getting caught up with the intimate details of things like the encryption algorithms, key lengths, cipher modes, and other minutiae. Not that...
Windows 8 Release Preview Available for Download
Today on the Building Windows 8 blog, Microsoft announced the availability of the Windows 8 Release Preview. (Read the press release here.) There are a couple of things to note that are of note to...
Malware Installed on Travelers’ Laptops Through Software Updates on Hotel...
Malware Installed on Travelers' Laptops Through Software Updates on Hotel Internet Connections - Recent analysis from the FBI and other government agencies demonstrates that malicious actors are...
Citadel Trojan uses insidious forms of Social Engineering
The Zeus Trojan was bad enough, but the attackers have not stopped their efforts there. Today there are reports of a new variant of that trojan called – ‘Citadel’. The Citadel is a chimera of the Zeus...
Poll: What Are Your Favorite Paste Sites?
In the process of extending my pastemon tool, I’ve a quick poll for you. At the moment, I’m monitoring pastebin.com (and soon another one) but what are your favorite paste sites? Please take a few...
Through the IT forum jungle: an example with an Android smartphone
Dare to upgrade an Android-based smartphone even if your carrier has left you on your own? Let's try, it is really worth it. Firstly, if it is not automatically detected, you will need this step so that your...
‘Windstream bill’ themed emails serving client-side exploits and malware
By Dancho Danchev. Cybercriminals are currently spamvertising millions of emails impersonating the Windstream Corporation, in an attempt to trick end and corporate users into clicking on links found in...
Apple Goes Open Kimono on iOS Security
Apple normally stays very quiet when it comes to discussing the security mechanisms of its products. Anyone who reads Optimal Security knows I’m not a fan of that approach. I believe it’s...
How to Open and Close Your Business Safely
In a retail environment, opening and closing times present unique security risks. At these times, employees are particularly vulnerable to robbery. I have posted a sample policy that you can modify for...
Massachusetts hospital data breach settlement shows health care providers are...
Somewhat lost in the conflagration over Flame and other sexy security news this week, South Shore Hospital agreed to a $750,000 settlement with Massachusetts Attorney General’s office over the loss of...
DNSChanger ‘temporary’ DNS servers going dark soon – is your computer really...
DNSChanger, a piece of malware that re-routed vast swaths of Internet traffic through rogue DNS servers after users became infected, was shut down by the FBI late last year. But since simply shutting...
CSRF Prevention in Java
What is it and why should I care? Cross-Site Request Forgery (CSRF) is an attack where victims are forced to execute unknown and/or undesired requests onto a website where those requests are currently...
InfoSec Daily Podcast Episode 681
Episode 681 - Tiny Banker, Cosmo, Botnet Plan, Counterfeit Components, Multiple Layers and iOS Guide