Hackers Lurking in Hotel Networks

From the Infosec Island Network

Unfortunately for the frequent flyers among us, recent industry research from TrustWave’s Spider Labs showed that hackers went after hotel networks more than any other destination in 2009, accounting for 38% of all known security breeches, more than the financial services industry (19%) and retail industries (14.2%) combined…

7 Month Vulnerability in Windows Virtual PC

From the Infosec Island Network

Core Security Technologies (CST) has discovered a critical vulnerability in windows virtual PC allows an attacker to bypass security measures and run a malicious code on the guest mahine. The concerned platform for this vulnerability is Virtual PC 2007, Virtual PC 2007 SP1, Windows Virtual PC, Virtual Server 2005 and Virtual Server 2005 R2 SP1.

How to Secure a Cisco Router

From the Infosec Island Network

Before you begin, keep a copy of your present, working router configuration in pristine condition. Save the edited configuration to a new file. The same goes for IOS code. Make sure you have a full copy of the version you’re running before you upgrade…

On HTML Insecurities…

From the Infosec Island Network

Although it is straightforward to use secure coding practices to ensure that the browser will not be vulnerable to being exploited from viewing a web page, there have been a number of vulnerabilities that have continued to affect even modern browsers, in the area of image display…

When Social Networking Clashes with Security

From the Infosec Island Network

The need for businesses to have an online foot print is critical to reach the masses in today’s competitive environment, but the potential loss of client data and security threats to your network are daunting…

Spam Block: Public Servants or Vigilantes?

From the Infosec Island Network

Does building block lists of IP addresses that are not spammers and distributing this list without notifying the offending party vigilantism or service provision? I lean toward them being vigilantes. Perhaps if a mechanism was in place to warn the alleged spammer they are about to be blocked, the service would seem more friendly…

Sticky Situations in Social Media

From the Infosec Island Network

The Internet has made our personal and professional lives very transparent. We now live in the fishbowl. Despite what many will argue, your privacy is no longer fully in your control. What you say, do and post can live forever. You are being judged in the process. And there are repercussions for those choices you make more now than ever…

Quick Tips for Using Secure Shell

From the Infosec Island Network

SSH is a perfect security alternative to Telnet and has been used by system administrators and IT managers to configure, implement servers and network devices. Here I wanted to list a manual on Secure Shell usage…

Consolidate Compliance With Open Source

From the Infosec Island Network

Fragmented efforts to comply Sarbanes-Oxley (sarbox or SOX), Gramm Leach Bliley Act (GLBA), Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry - Data Security Standard (PCI-DSS), and ISO 27000 series, to name a few, can result in costly duplication of efforts, or worse, security holes due to the confusion of so many resources trying to tackle similar or the same problems…

DoS Attack Reveals Widespread Vulnerabilities

By Anthony M. Freed, Director of Business Development, Infosec Island Network

Infosec Island has once again gained exclusive access to a video demonstration of the XerXeS DoS attack recently developed by the infamous patriot-hacker known only as The Jester. As noted in an analysis of DoS vulnerabilities by security consultant Michael Menefee, more than half of all the websites in the world use Apache, which means this exploit potentially poses a very serious problem should it ever be utilized by nefarious elements…

Next Page »

• Categories

  • Anthony M. Freed (26)
  • Bill Brenner (2)
  • Bob Violino (1)
  • Bozidar Spirovski (23)
  • Breach (540)
  • Britt Womelsdorf (5)
  • By Dr. InfoSec (2)
  • Cara Garretson (7)
  • CCCNews (1)
  • Chorey Taylor & Feil (8)
  • Christophe Veltsos (2)
  • Christopher Burgess (7)
  • CIOZone (26)
  • Class Action Lawsuit (111)
  • Cloud computing (113)
  • Coby Royer (5)
  • CTO Forum (9)
  • D&O Liability (601)
  • Daniel Wallace (5)
  • Danny Lieberman (11)
  • DataLine (10)
  • David Alexander (2)
  • Derek Crawford (1)
  • Doug Pollack (7)
  • due diligence (310)
  • Fame Foundry (1)
  • FEATURE ARTICLE (428)
  • Financial (587)
  • Fred Leland (7)
  • Gene Kim (3)
  • Government (373)
  • Greg George (5)
  • H1N1 (15)
  • hackers (539)
  • healthcare (134)
  • Heather Bourgoin (1)
  • HomeATM (8)
  • identity-theft (535)
  • IDExperts (17)
  • Ike Z. Devji (1)
  • Infosec Island Network (38)
  • Insider Threat (490)
  • Internet Crime Complaint Center (1)
  • Internet Security Alliance (71)
  • ISR News (321)
  • Jacqueline Herships (2)
  • Jenni Hesterman (3)
  • John M. Salomon (2)
  • John Watkins (7)
  • John-Patrick Skaar (2)
  • Kaliber Data Security and Compliance Consultants (3)
  • Kat Sanders (2)
  • Ken Leeser (3)
  • Kevin L. Jackson (10)
  • Kevin M. Nixon (21)
  • Larry Ketchersid (1)
  • Laton McCartney (7)
  • Lauren Taylor (1)
  • Linda McGlasson (1)
  • malware (501)
  • Mark Smail (1)
  • Mark Wright (1)
  • Mel Duvall (3)
  • Michael Eggebrecht (3)
  • Michael Lohr (1)
  • Michael O'Conner (4)
  • MicroSolved (1)
  • Mike Duncan (3)
  • Mike Meikle (4)
  • Mike Spinney (1)
  • Military (211)
  • national security (453)
  • PCI (308)
  • PCI Security Standards Council (32)
  • Physical Security (11)
  • privacy (552)
  • Rachel James (10)
  • reach (11)
  • Rebecca Herold (16)
  • Richard Stiennon (44)
  • Robert Siciliano (34)
  • Sarbanes-Oxley (502)
  • ScamStop (2)
  • Sean Wilkins (2)
  • Semyon Dukach (1)
  • Simon Heron (14)
  • Software Associates (11)
  • Steven Fox (19)
  • SUPERAntiSpyware (3)
  • Sybase (6)
  • Symplified (5)
  • The Jester (8)
  • The Privacy Professor (16)
  • Thomas R. Fox (8)
  • Tom Groenfeldt (2)
  • Tom McLain (2)
  • Trefis (14)
  • Tripwire (18)
  • Uncategorized (621)
  • virtualization (101)
  • Webcast (49)

• ISR Headline Index

  • Hackers Lurking in Hotel Networks
  • 7 Month Vulnerability in Windows Virtual PC
  • How to Secure a Cisco Router
  • On HTML Insecurities…
  • When Social Networking Clashes with Security
  • Spam Block: Public Servants or Vigilantes?
  • Sticky Situations in Social Media
  • Quick Tips for Using Secure Shell
  • Consolidate Compliance With Open Source
  • DoS Attack Reveals Widespread Vulnerabilities
  • Study Shows Employees Put Data at Risk
  • Tracking Google’s Script Kiddie Hackers
  • Newbie Introduction to Digital Forensics Part 2
  • Simple Log Review Checklist Released
  • Press F1 for Help? Microsoft Zero Day Threat!

• Recent Comments

  • Ryan Aslett on Data Loss Prevention Has Jumped the Shark
  • Tom on (Lack Of) Encryption and The HITECH Act
  • ADMIN on Patriot Hacker Hits Jihad With DDoS Attacks
  • Robert Siciliano on Data Loss Prevention Has Jumped the Shark
  • Karen J. Cox on Data Loss Prevention Has Jumped the Shark
  • Scot McLeod on Outsourcing Breach Response Lowers Costs
  • John Marke on Gartner Tells CIOs to Embrace Social Media
  • Social Engineering and Enterprise Security | CIO – Blogs and … | Enterprise Engineering Addict on Gartner Tells CIOs to Embrace Social Media
  • From Russia, With Smartphones on Top 8 Social Media Security Threats
  • Judith Hoffman on Scam Alert: Rogue Gmail Account Phishing
• 
  

  Information Security Resources

  Top network security blogs