Study Shows Employees Put Data at Risk
From the Infosec Island Network
The study found that 15% of German and 13% Swedish business managers have disengaged their encryption solution. In contrast, 52% of Canadian, 53% of British, and 50% of French business managers have disengaged their encryption, while U.S. business managers are the most likely to circumvent company data security policy – topping the survey at 60%…
Tracking Google’s Script Kiddie Hackers
From the Infosec Island Network
If you choose believe the writings of Mandiant, you’re under the impression that Chinese hackers are hellbent on taking over every large corporation in the United States…
Newbie Introduction to Digital Forensics Part 2
From the Infosec Island Network
Up to this point in my career Digital Forensic Analysis consisted of a basic scan for documents from the “exited” employees hard drive. Given the “extensive” nature of my past investigations, I was convinced that I could easily impress the executives at my company by doing more. So, the research part of my journey began…
Simple Log Review Checklist Released
From the Infosec Island Network
Today, many people are looking for very simple solutions to big and complex problems – and the area of logging and log management is no exception. Following that theme, we have created a “Critical Log Review Checklist for Security Incidents” which is released to the world today…
Press F1 for Help? Microsoft Zero Day Threat!
From the Infosec Island Network
Microsoft published security advisory 981169 yesterday in response to the zero day vulnerability reported a few days prior. The vulnerability is in the help system and can be triggered by luring an Internet Explorer user into pressing the F1 key…
A Newbie’s Introduction to Digital Forensics
From the Infosec Island Network
The economic and business challenges of the last year have forced changes to business priorities in many areas. For IT, increased scrutiny was placed on data leakage and security. When times are good, businesses can become distracted with new products and technologies. It is not until budgets are cut that the focus moves inward…
Security Best Practice: Trust But Verify…
From the Infosec Island Network
Very interestingly enough, in the past five or six days we have been detecting ad networks including Google Adsense, Adultadwords, and Adbrite allowing malware-laden ads on their networks. We are not the only ones who have identified this issue, check out the following links for more information about them…
Google, Adobe, and Big Oil Under Attack!
From the Infosec Island Network
The work of protecting information is becoming more difficult with time. The recently discovered attacks on Google, Adobe, Marathon Oil, ExxonMobil, and ConocoPhillips illustrate an alarming trend. The attacks even gave rise to a new attack model, the Advanced Persistent Threat (APT)…
Building your OWN Malware Lab (Part 2)
From the Infosec Island Network
Some are using encryption to make it difficult for any security software product to add any an AutoRun to the registry entries to defend itself against anti-malware software, or just by adding a line to the host file to prevent the antivirus from updating their definition. The report by ThreatExpert includes very important information regarding any file and is divided to two parts…
How Twitter Spam Steals From Google, Yahoo!
From the Infosec Island Network
Scammers have been devising ways to ride on someone else’s coattails since the dawn of time. With every new technology they find another way to make money from nothing. I was innocently monitoring my Twitter feed last night when I saw someone tweet “Sophos acquires anti-spam specialist ActiveState.: An article from: Software Industry Report hxxp://censored”. Interesting… I used to work at ActiveState and know we were acquired in 2003. Something was fishy…
