Where were you? 10th Anniversary of Gates Trustworthy Computing Memo – Part 1
January 15th is the 10th anniversary of Gates' Trustworthy Computing memo. The effects of this memo have already been discussed on Threatpost so I thought it would be interesting to take a different...
Week 2 In Review
Resources How Modern Cars Can Be Cracked – autosec.org SOURCE Barcelona Resources from September 2011 – sourceconference.com Links, articles, and media from the event. OSCP-My Review –...
The New Laws of Anti-Malware Technology #4: There is No Single Threat...
In this post, which is the fourth in my series on the "New Laws of Anti-Malware Technology," I'd like to talk about the concept of a "threat landscape". (See here, here, and here for the previous...
Norton Source Code To Be Posted Tuesday
Symantec headaches continue to grow after the leak of source code for their Norton product. From Reuters: A hacker who goes by the name of ‘Yama Tough’ threatened Saturday to release next week the...
FreeBSD Now At Version 9.0
Word of the release of FreeBSD version 9.0 has come to my attention over the weekend. Thankfully so, as the timeliness of the news coupled with today's MLK Holiday certainly allows for the first...
7 Ways to Protect Your Online Bank Transactions
Sending your bank transactions surfing across the web can be as hazardous as piloting a ship through pirate-infested waters. Here are seven best practices for online banking security. Use a dedicated...
T-Mobile staffers and PR team exposed by webserver breach
Several T-Mobile employees and a handful of their PR agents had some of their contact data exposed after one of the company’s webservers was breached. The group TeaMp0isoN claimed responsibility,...
Great Expectations and the Grim Reaver
Just published in SC Magazine's Cybercrime Corner, expanding on a conversation I had recently with Kevin Townsend, is an article on "Great Expectations" that discusses WPS, "Whoops!!!," the Grim...
Your Data Privacy Day: 1 of 3
How Private Is Your Data, Really? How private is your data? If you are like most people—and even many corporations—you can’t offer a solid answer. Yet one person’s lack of knowledge about data privacy...
The SC Awards Blog opens, and our Social Media Awards are ready for nominations
Welcome to the SC Awards Finalist Blog, where the contenders for an SC Magazine U.S. 2012 Award will offer advice on how to defend against modern-day threats.
Hackers Hit El Al And Tel Aviv Stock Exchange
Back in July our very own James Arlen warned about the dangers of automated high speed trading networks. From CNET: An emphasis on speed and a lack of security makes automated trading in financial...
Taking SANS FOR610 malware forensics class
The class started tonight via their vLive platform. It looks like a very interesting course. I will post comments as I go....
Exclusive: How five members of the Koobface malware gang were unmasked
The in-depth story of how five men were identified as part of the Koobface gang, in a detailed investigation conducted by independent researcher Jan Drömer and Dirk Kollberg of...
InfoSec Daily Podcast Episode 569
Episode 569 - Happy MLK, Death of SOPA?, DataExfil, Norton Source Code, Zappos, & TeaMp0isoN
SBN Sponsor Post
Attend the RSA Conference webcast "Using Online Advertising to Find Out if Your Data is Valuable to a Criminal" on January 25th. http://bit.ly/sGUunJ
Phishing Your Employees 101
A new open source toolkit makes it ridiculously simple to set up phishing Web sites and lures. The software was designed to help companies test the phishing awareness of their employees, but as with...
"The Color of a Forensicator’s Parachute: Professional Development and...
Next week is DoD Cybercrime and I put in to lead a panel that I feel is often overlooked by many in the community. Proper professional development of our DFIR staff. As a result, I submitted a talk to...
24 million customer accounts exposed in Zappos hack
Amazon-owned Zappos.com has indeed confirmed that its online service has fallen to a malicious hack and up to 24 million customer accounts may have been compromised as a result.
Post Transaction Attacks Exposes Weaknesses in Fraud Prevention Controls
A recent FBI warning on the Zeus variant called Gameover reveals that high detection accuracy of fraudulent transactions is not enough to prevent cybercrime. This new attack is specifically designed to...