How Twitter Spam Steals From Google, Yahoo!

From the Infosec Island Network

Scammers have been devising ways to ride on someone else’s coattails since the dawn of time. With every new technology they find another way to make money from nothing. I was innocently monitoring my Twitter feed last night when I saw someone tweet “Sophos acquires anti-spam specialist ActiveState.: An article from: Software Industry Report hxxp://censored”. Interesting… I used to work at ActiveState and know we were acquired in 2003. Something was fishy…

Tech Stocks Week in Review Featuring iPad

From Trefis.com

Apple Stock: iPad Business More Valuable Than Mac Desktops - We estimate that Apple’s iPad business accounts for 4% of the $267 Trefis price estimate for Apple’s stock compared to about 3% for Apple’s Mac desktop business…

DoD Endorses Certification for Hackers

From the Infosec Island Network

The U.S. Department of Defense (DoD) announces the official approval of the EC-Council Certified Ethical Hacker (CEH) certification program as a new baseline skills requirement for U.S.cyber defenders. Specifically, the new Certified Ethical Hacker program is required for the DoD’s computer network defenders (CND’s), a specialized personnel classification within the DoD’s information assurance workforce.

Risk Based Enterprise Compliance Programs

By Thomas R. Fox, Attorney at Tom Fox Law

A recent benchmarking survey of Third Party Codes of Conduct was conducted by the Society of Corporate Compliance and Ethics (SCCE) and reported on by Rebecca Walker. The findings indicated that a majority of companies with an otherwise robust compliance program do not extend this to third parties with which they conduct business. For those companies who now desire to evaluate their third party business partners for Foreign Corrupt Practices Act (FCPA) compliance, how and where do they begin?

Data Loss Prevention Has Jumped the Shark

By Robert Siciliano, ID Theft Expert and Security Consultant to Intelius.com

The FTC sending a warning to 100 companies and agencies that their employees are leaking client and sensitive data on the web via Peer to Peer file sharing (P2P) is the single most pathetic and embarrassing communication to come across the desk of an IT professional. It’s over, Johnny IT’S OVER…

File-Sharing Software Threat to Health Privacy

From the Infosec Island Network

There is a real risk of inadvertent disclosure of PHI through peer-to-peer file sharing networks, although the risk is not as large as for PFI. Anyone keeping PHI on their computers should avoid installing file sharing applications on their computers, or if they have to use such tools, actively manage the risks of inadvertent disclosure of their, their family’s, their clients’, or patients’ PHI…

Leveraging Open Source for Business Intel

By Bozidar Spirovski, CISSP, MCSA, MCP

Open source intelligence (OSINT) is a form of intelligence collection management that involves finding, selecting, and acquiring information from publicly available sources and analyzing it to produce actionable intelligence…

Outsourcing Breach Response Lowers Costs

By Doug Pollack, Chief Marketing Officer for ID Experts

The Ponemon Institute last month released their 5th annual 2009 Annual Study: Cost of Data Breach. This year, the report explored several new areas and came up with some interesting and in some cases surprising conclusions…

Gartner Tells CIOs to Embrace Social Media

By Laton McCartney, Editor at CIOZone

Has someone been putting strange substances in the drinking water at Gartner’s Greenwich, CT headquarters? Some of their analysts are beginning to sound like New Age gurus on a mission to bring peace, love and harmony to the corporate world. Consider these words of wisdom recently imparted by Gartner analysts to clients at an Orlando conference…

Social Engineering and Enterprise Security

From the Infosec Island Network

What does our enterprise information have in common with President Obama and Vice President Biden? The need for constant protection. Your enterprise data needs protection from the host of technical and human threats that seem to evolve daily. The President and Vice President require the same protection, albeit amplified due to their position in the world power scheme…

Next Page »

• Categories

  • Anthony M. Freed (25)
  • Bill Brenner (2)
  • Bob Violino (1)
  • Bozidar Spirovski (23)
  • Breach (539)
  • Britt Womelsdorf (5)
  • By Dr. InfoSec (2)
  • Cara Garretson (7)
  • CCCNews (1)
  • Chorey Taylor & Feil (8)
  • Christophe Veltsos (2)
  • Christopher Burgess (7)
  • CIOZone (26)
  • Class Action Lawsuit (111)
  • Cloud computing (102)
  • Coby Royer (5)
  • CTO Forum (9)
  • D&O Liability (590)
  • Daniel Wallace (5)
  • Danny Lieberman (11)
  • DataLine (10)
  • David Alexander (2)
  • Derek Crawford (1)
  • Doug Pollack (7)
  • due diligence (299)
  • Fame Foundry (1)
  • FEATURE ARTICLE (427)
  • Financial (576)
  • Fred Leland (7)
  • Gene Kim (3)
  • Government (362)
  • Greg George (5)
  • H1N1 (15)
  • hackers (528)
  • healthcare (123)
  • Heather Bourgoin (1)
  • HomeATM (8)
  • identity-theft (524)
  • IDExperts (17)
  • Ike Z. Devji (1)
  • Infosec Island Network (27)
  • Insider Threat (479)
  • Internet Crime Complaint Center (1)
  • Internet Security Alliance (60)
  • ISR News (321)
  • Jacqueline Herships (2)
  • Jenni Hesterman (3)
  • John M. Salomon (2)
  • John Watkins (7)
  • John-Patrick Skaar (2)
  • Kaliber Data Security and Compliance Consultants (3)
  • Kat Sanders (2)
  • Ken Leeser (3)
  • Kevin L. Jackson (10)
  • Kevin M. Nixon (21)
  • Larry Ketchersid (1)
  • Laton McCartney (7)
  • Lauren Taylor (1)
  • Linda McGlasson (1)
  • malware (490)
  • Mark Smail (1)
  • Mark Wright (1)
  • Mel Duvall (3)
  • Michael Eggebrecht (3)
  • Michael Lohr (1)
  • Michael O'Conner (4)
  • MicroSolved (1)
  • Mike Duncan (3)
  • Mike Meikle (4)
  • Mike Spinney (1)
  • Military (200)
  • national security (442)
  • PCI (298)
  • PCI Security Standards Council (32)
  • Physical Security (11)
  • privacy (541)
  • Rachel James (10)
  • reach (1)
  • Rebecca Herold (16)
  • Richard Stiennon (44)
  • Robert Siciliano (34)
  • Sarbanes-Oxley (491)
  • ScamStop (2)
  • Sean Wilkins (2)
  • Semyon Dukach (1)
  • Simon Heron (14)
  • Software Associates (11)
  • Steven Fox (19)
  • SUPERAntiSpyware (3)
  • Sybase (6)
  • Symplified (5)
  • The Jester (7)
  • The Privacy Professor (16)
  • Thomas R. Fox (8)
  • Tom Groenfeldt (2)
  • Tom McLain (2)
  • Trefis (13)
  • Tripwire (18)
  • Uncategorized (620)
  • virtualization (90)
  • Webcast (48)

• ISR Headline Index

  • Tracking Google’s Script Kiddie Hackers
  • Newbie Introduction to Digital Forensics Part 2
  • Simple Log Review Checklist Released
  • Press F1 for Help? Microsoft Zero Day Threat!
  • A Newbie’s Introduction to Digital Forensics
  • Security Best Practice: Trust But Verify…
  • Google, Adobe, and Big Oil Under Attack!
  • Building your OWN Malware Lab (Part 2)
  • How Twitter Spam Steals From Google, Yahoo!
  • Tech Stocks Week in Review Featuring iPad
  • DoD Endorses Certification for Hackers
  • Risk Based Enterprise Compliance Programs
  • Data Loss Prevention Has Jumped the Shark
  • File-Sharing Software Threat to Health Privacy
  • Leveraging Open Source for Business Intel

• Recent Comments

  • Tom on (Lack Of) Encryption and The HITECH Act
  • ADMIN on Patriot Hacker Hits Jihad With DDoS Attacks
  • Robert Siciliano on Data Loss Prevention Has Jumped the Shark
  • Karen J. Cox on Data Loss Prevention Has Jumped the Shark
  • Scot McLeod on Outsourcing Breach Response Lowers Costs
  • John Marke on Gartner Tells CIOs to Embrace Social Media
  • Social Engineering and Enterprise Security | CIO – Blogs and … | Enterprise Engineering Addict on Gartner Tells CIOs to Embrace Social Media
  • From Russia, With Smartphones on Top 8 Social Media Security Threats
  • Judith Hoffman on Scam Alert: Rogue Gmail Account Phishing
  • Alec Phillips on Afraid of the Cloud? Ask the Right Questions
• 
  

  Information Security Resources

  Top network security blogs