Liquidmatrix Security DigestLiquidmatrix Security DigestYour Source For Network and Information Security News Articles
10 Security Threats To Watch For
2008-04-10 16:01:00 People do love their “top 10″ lists. Security folks are no different. Here is a list of ten threats to keep an eye on. Of course this is by no means exhaustive. From Network World: Virtualization can help make more efficient use of hardware, but it also creates new security problems. In particular, it ... More About: Watch , Top 10 List , Threats
Security Briefing: April 10th
2008-04-10 13:53:00 OK, based on the emails I received yesterday (thx by the way), I’m sure. I’m going to take the plunge and start working on a book. Now, don’t expect anything soon. Based on Portswigger’s comment I can see at least a year from now. I have toyed with this idea since I was a young ... More About: News , Security , April
Joanna On RSA
2008-04-10 05:13:00 Joanna Rutkowska gave a talk at RSA today and found out the joys of San Francisco fire regulations. From Invisible Things: Today I was giving a speech at the RSA Conference in San Francisco. The RSA is a really big conference and also seems to me like a very well organized one ? e.g. they have ... More About: Conventions , Joanna
Database Administration Security Strategy
2008-04-10 05:03:00 From Computer Weekly: Given the vital importance of the information held within corporate and government databases it is surprising that the security of these databases is often of unknown provenance, at least as far as those charged with information security duties are concerned. I am not setting out to offend an entire section of the IT industry ... More About: Security , Strategy , Data Security , Database , Administration
RSA: Cyber Storm II
2008-04-10 04:54:00 Earlier today there was a town hall meeting that reviewed the recent Cyber Storm II excercise. This was a massive simulated computer attack. I was involved in the first Cyber Storm exercise and one of the funniest parts of that was that someone took it upon themselves to return fire. Amusing, albeit counter productive. From Information ... More About: Conventions
Raytheon Launches Cyber-Security Unit
2008-04-10 04:42:00 To throw more fuel on Myrcurial’s “cyber” fire I figured I would point folks to this article from the Arizona Star. I have to admit that I completely agree with him on the gratuitous use of the word “cyber” by talking heads and mainstream media. From azstarnet: Raytheon Co., which bought data-protection company Oakley Networks last year, ... More About: Security , Cyber , Unit
A Call to Arms?
2008-04-09 21:36:00 It’s time folks. It’s time for us to band together, united in a common cause with critical impacts on our lives. It’s time to stamp out forever the disingenuous use of the prefix “Cyber” by the douchetard squadron of aged wannabes. (Note, The almighty Goog comes up with over 157,000 instances of the prefix on *.gov) It has ... More About: Arms , Call
Veracode Gets The ?Fonz? Rating
2008-04-09 16:50:00 Now, Veracode is a company that I see as an excellent growth company. I’ve been a fan of theirs since I first met them at RSA 2007. The long and the short of it is that this is a company that does binary analysis of your in-house code. For a fee of course. I had ... More About: The Fonz
Security Briefing: April 9th
2008-04-09 14:55:00 Wednesday. Pondering writing a book. A substantial undertaking but, am I up for the task? Hmmm. And now, the news… RSA - Microsoft: Let’s talk about trust Security Sleuths Search for a Single Sign-On Solution Symantec Statistics and Malware’s Mushroom Cloud Three quarters of organisations think applications can be exploited by criminals RSA?s Coviello: Let?s cook up a thinking security defense ... More About: News , April
Enjoying The Sun?Oh Right, It?s Patch Tuesday
2008-04-09 00:00:00 Well, there’s death, taxes and patch Tuesday . Today has 5 critical on tap as well as 3 important patches. MS08-018: Vulnerability in Microsoft Project Could Allow Remote Code Execution (950183) MS08-021: Vulnerabilities in GDI Could Allow Remote Code Execution (948590) MS08-022: Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution (944338) MS08-023: Security Update of ActiveX ... More About: Patches , Patch
Japanese Firms Starting Ratings For IT Security
2008-04-08 17:53:00 Well, here is an interesting twist. I can’t say that I’m overly surprised as this type of ranking was inevitable. From the Associated Press: Eighteen Japanese firms said Tuesday they were creating the world’s first ratings agency looking at data security, which they said was a rising concern for companies. The new firm, called IS Rating, will ... More About: Security , Data Security , Information Security , Ratings
RSA Day Two Daily
2008-04-08 16:56:00 Today is the big day. The keynotes will begin momentarily. Among the list of keynotes are Art Coviello from EMC/RSA, John Thompson, CEO of Symantec and Michael Chertoff from DHS. Michael is on at 11:30 am. I have to admit I was really looking forward to being a part of the media scrum for that ... More About: Daily , Conventions
Security Briefing: April 8th
2008-04-08 16:01:00 Sorry for the late news posting this morning. I was tied up in a telecon. I love it when I can “sit in” on a meeting in my boxers with a coffee in hand. The joys of mobile computing. And now, the news… Young workers more likely to break corporate Web apps rules Newfoundland schools tighten security followed ... More About: News , Security , April
Virginia First To Require Internet Safety Lessons
2008-04-08 03:13:00 Very nice. It would appear that common sense is starting to catch on! The Commonwealth of Virginia (one of my my former stomping grounds) has come out as the first US state to mandate internet safety lessons in schools. While I find this to be a bang up idea I just hope that it doesn’t ... More About: Internet , Education , Safety , Child Safety
Thanks To Network World!
2008-04-07 22:18:00 I was checking out my stats for todays readers when I noticed an inordinate spike in traffic from the site Network World . Being the typical curious sort I cruised on over to see what was the hub bub. Well, damn. Jon Brodkin has a piece on “20 useful IT security Web sites” and Liquidmatrix is ...
Encryption Solutions Get Boost from Data Breaches
2008-04-07 19:46:00 I’ve had a rash of phone calls lately from vendors saying “did you hear?” and using that to leverage their product offering. I can’t blame them. I know they have to make a buck. Here is an article over on “Enterprise Security Today” that points to this boost in sales. Data breaches leave organizations vulnerable to ... More About: Encryption , Data Security , Crypto , Solutions
RSA Day One Orientation
2008-04-07 17:06:00 OK, so it’s day one. You’re in San Francisco attending RSA 2008 possibly for the first time. What do you need to do? Well, for starters you should take advantage of the first timers orientation. This might seem overly simplistic but, RSA 2008 is a big show. If you want to get you money’s worth ... More About: Conventions , Orientation
Security Briefing: April 7th
2008-04-07 14:40:00 OK, I’m back in the saddle again. The last several days have served me well for healing up. It’s still a bummer that I can’t be in San Fran for RSA 2008. Ah, well. Next year then. Gives me more time to work on preparing for Sector 2008 And now, the news… HSBC loses 370,000 customer details Wanted: ... More About: News , Security , April
Charlton Heston Has Left The Building
2008-04-06 16:44:00 From CNN: Charlton Heston , who won the 1959 best actor Oscar as the chariot-racing “Ben-Hur” and portrayed Moses, Michelangelo, El Cid and other figures in movie epics of the ’50s and ’60s, has died. He was 84. The actor died Saturday night at his home in Beverly Hills with his wife Lydia at his side, family spokesman ... More About: Building , Physical Security , Left
Google Sued Over Street View
2008-04-06 16:29:00 Um, huh? A couple in Pennsylvania is suing Google to the tune of $25K+ for “pain and suffering” after their house showed up on Google Street View . The house was purchased for $163,000 according to “The Smoking Gun“. So, this begs the question. Just how ugly is their house that it would cause that much ... More About: Privacy , Sued
Well, Crap
2008-04-03 04:44:00 I managed to get selected as an official blogger for RSA. I was really looking forward to attending RSA 2008 next week. But, due to circumstances, I will not be able to go. I’m set to have a medical thing tomorrow that will apparently preclude me from flying for several days. I still plan to ... More About: Conventions , Crap
E-discovery Adds Twist To Litigation
2008-04-02 22:15:00 Here is a topic that seems to be heating up in the press lately. E-discovery is fast becoming an attention grabbing headline. From GCN: New rules for electronic data discovery during litigation, combined with the massive amount of electronic data now available in federal databases, will require closer communication between the legal and information technology departments ... More About: Discovery , Forensics , Twist , Litigation
Security Briefing: April 1st
2008-04-01 16:48:00 Hey great…April Fools. Yeah, you got me. Well, no. No one did. But, that’s neither here nor there. And now, the news… Storm Worms exploit April Fools Teenager admits to million-PC botnet scam European Union, NATO to tackle cybercrime Military awards contract for next-generation tactical radio system Apple’s Security Patch Process Gets Worse While Microsoft’s Gets Better Stolen laptop reveals security gap Internet ... More About: News
Today?s Spies Find Secrets In Plain Sight
2008-04-01 16:35:00 From USA Today : For 40 years, U.S. presidents have begun each day with a top-secret, personal briefing on security threats and global affairs obtained largely from covert spy missions, clandestine satellite surveillance and other highly classified intelligence sources. Now, however, the President’s Daily Brief and other crucial intelligence reports often rely less on secrets from risky espionage ... More About: Search , Plain , Find , Secrets
IBM Hit With Temporary Contract Ban
2008-04-01 15:24:00 Oops. From Yahoo Finance: IBM Corp. has been temporarily banned from new federal contracts as prosecutors examine interactions between employees of the company and the Environmental Protection Agency. The suspension went into effect last Thursday “while the agency reviews concerns raised about potential activities involving an EPA procurement,” the agency said Monday in an e-mailed statement. Under ... More About: Contract
CCC Publishes German Minister?s Fingerprint
2008-04-01 14:52:00 Love the Gummi Bears. But, in this case it was a little more sophisticated. From Wired: To demonstrate why using fingerprints to secure passports is a bad idea, the German hacker group Chaos Computer Club has published what it says is the fingerprint of Wolfgang Schauble, Germany’s interior minister. According to CCC, the print of Schauble’s index finger ... More About: Minister , Biometrics
Security Briefing: March 31st
2008-03-31 15:55:00 Monday is the cruelest morning. And now, the news… CIA enlists Google’s help for spy work RCMP computer security breached, documents reveal PGP publishes encryption APIs Poisoned websites staying contaminated longer Staff forced to bypass security controls Lost by the government: 600 laptops, 400 phones ? and a car Experts warn of card-swipers’ perils Savvis unveils managed security services Black Hat: new operating systems ... More About: News , Security , March
Hackers Grab Info Sent To Irish Jobs Agency
2008-03-31 15:40:00 This morning brings word of another data breach. This time the victim was the Irish employment site Jobs .ie. From Ireland.com: Jobs.ie would not say how many of its clients had been affected, but said it had now fixed the security breach. The clients whose information was taken are at risk from identity fraud and “phishing”, where ... More About: Crime , Agency , Phishing , Info
CanSecWest: Countering Misinformation
2008-03-31 15:11:00 Here is a piece on the recent CanSecWest conference. This piece by Thom Holwerda is a response to an article that showed up on “Roughly Drafted“. From OS News: As you surely know by now, the CanSecWest conference was the stage for a contest, PWN to OWN. Three laptops were set up; laptops running Windows Vista, Ubuntu ... More About: Conventions , Conferences
New Version Of Oracle Password Cracker ?woraauthbf?
More articles from this author:2008-03-31 15:03:00 Thanks to Pete Finnigan’s site we learn that there is a new version of the Oracle password cracker “woraauthbf” available. From PF’s blog: The Oracle password cracker woraauthbf written by Laszlo Toth has been updated and released as a new version 0.21R2 (The R2) is the new part, so even if you are running version 0.21 ... More About: Tools , Data Security , Password , Version 1, 2, 3, 4, 5, 6, 7 |
 |
|
 |
