Information Security Resources

Quick Tips for Using Secure Shell

ADMIN — Sun, 14 Mar 2010 21:01:06 +0000

SSH is a perfect security alternative to Telnet and has been used by system administrators and IT managers to configure, implement servers and network devices.

Here I wanted to list a manual on Secure Shell usage. First let’s start by choosing SSH client.

We will find no problem because generally there are two accepted solutions PuTTY and SecureCRT, both are really good.

But while SecureCRT is not a free solution we find that many IT Technician prefer to use PuTTY.

With using PuTTY you can connect to your server via: Raw, Telnet, Rlogin, FTP (SFTP), SSH1, SSH2.

In addition to supporting all these protocols you can find more TOOLS…

Continued: https://www.infosecisland.com/blogview/3277-Quick-Tips-on-Secure-Shell.html

All content from Information-Security-Resources.com will begin migrating to the Infosec Island Network:

We are pleased to announce that Infosec Island™ has acquired www.information-security-resources.com, one of the leading online news portals addressing security issues.

The two infosec communities will continue to be operated separately while ISR’s content is gradually migrated to the Infosec Island framework by mid-year.

Don’t miss out on your opportunity to win one of over $10k in service prizes in the Infosec Island Q1 Membership Drive!

Only completed profiles are automatically entered into the drawing. Registration is quick - it takes less than five minutes to complete.

Prizes include:

• The Grand Prize is a FREE core server license, including maintenance, of the Grid Data Security’s Enhanced Authentication Solution from SyferLock™. This prize has a value of up to $10,000.

• Second Prize – The member winning second prize will receive two myKryptofon security software products from I.D. Rank Security, valued at $690.

• Third Prize – Two third prize winners will receive an EncryptStick™ software application download from Onix International Inc.

Register now and win! https://www.infosecisland.com/

We are also seeking active security bloggers and forum moderators - a great way to increase your exposure and generate more business opportunities for your company.

Contact Anthony through your Island email account, or directly at afreed@WireHeadSecurity.com for more details!

Infosec Island is committed to serving the needs of SMBs and mid-market enterprises across many industries, as well as nonprofits, government agencies and educational organizations and the infosec community at large.

* * *

Stay Informed With ISR News Alerts:

* * *

Follow us on Twitter

Consolidate Compliance With Open Source

ADMIN — Sun, 14 Mar 2010 20:48:28 +0000

From Ted LeRoy

Many organizations have to comply with multiple regulatory requirements for their information security infrastructures.

Fragmented efforts to comply Sarbanes-Oxley (sarbox or SOX), Gramm Leach Bliley Act (GLBA), Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry - Data Security Standard (PCI-DSS), and ISO 27000 series, to name a few, can result in costly duplication of efforts, or worse, security holes due to the confusion of so many resources trying to tackle similar or the same problems.

Although many commercial tools are available to unify compliance efforts and to audit them, they come with a price tag that is too high for many small to medium sized businesses.

Continued: https://www.infosecisland.com/blogview/3266-Need-to-consolidate-information-security-compliance-efforts-Try-open-source.html

All content from Information-Security-Resources.com will begin migrating to the Infosec Island Network:

We are pleased to announce that Infosec Island™ has acquired www.information-security-resources.com, one of the leading online news portals addressing security issues.

The two infosec communities will continue to be operated separately while ISR’s content is gradually migrated to the Infosec Island framework by mid-year.

Don’t miss out on your opportunity to win one of over $10k in service prizes in the Infosec Island Q1 Membership Drive!

Only completed profiles are automatically entered into the drawing. Registration is quick - it takes less than five minutes to complete.

Prizes include:

• The Grand Prize is a FREE core server license, including maintenance, of the Grid Data Security’s Enhanced Authentication Solution from SyferLock™. This prize has a value of up to $10,000.

• Second Prize – The member winning second prize will receive two myKryptofon security software products from I.D. Rank Security, valued at $690.

• Third Prize – Two third prize winners will receive an EncryptStick™ software application download from Onix International Inc.

Register now and win! https://www.infosecisland.com/

We are also seeking active security bloggers and forum moderators - a great way to increase your exposure and generate more business opportunities for your company.

Contact Anthony through your Island email account, or directly at afreed@WireHeadSecurity.com for more details!

* * *

Stay Informed With ISR News Alerts:

* * *

Follow us on Twitter

DoS Attack Reveals Widespread Vulnerabilities

ADMIN — Fri, 12 Mar 2010 05:30:21 +0000

By Anthony M. Freed, Director of Business Development, Infosec Island Network

There is an UNEQUAL amount of good and bad in most things, the trick is to work out the ratio and act accordingly… The Jester

Infosec Island has once again gained exclusive access to a video demonstration of the XerXeS DoS attack recently developed by the infamous patriot-hacker known only as The Jester (th3j35t3r).

This new video shows a little more of the XerXeS dashboard, and reveals even more about the attack technique – watch the text box on the left as Jester mentions “Apache” for the first time outside of our private conversations.

As noted below in an analysis of DoS vulnerabilities by security consultant Michael Menefee, more than half of all the websites in the world use Apache, which means this exploit potentially poses a very serious problem should it ever be utilized by nefarious elements…

Continued: See the video and more at InfosecIsland.com

All content from Information-Security-Resources.com will begin migrating to the Infosec Island Network:

We are pleased to announce that Infosec Island™ has acquired www.information-security-resources.com, one of the leading online news portals addressing security issues.

The two infosec communities will continue to be operated separately while ISR’s content is gradually migrated to the Infosec Island framework by mid-year.

Don’t miss out on your opportunity to win one of over $10k in service prizes in the Infosec Island Q1 Membership Drive!

Only completed profiles are automatically entered into the drawing. Registration is quick - it takes less than five minutes to complete.

Prizes include:

• The Grand Prize is a FREE core server license, including maintenance, of the Grid Data Security’s Enhanced Authentication Solution from SyferLock™. This prize has a value of up to $10,000.

• Second Prize – The member winning second prize will receive two myKryptofon security software products from I.D. Rank Security, valued at $690.

• Third Prize – Two third prize winners will receive an EncryptStick™ software application download from Onix International Inc.

Register now and win! https://www.infosecisland.com/

We are also seeking active security bloggers and forum moderators - a great way to increase your exposure and generate more business opportunities for your company.

Contact Anthony through your Island email account, or directly at afreed@WireHeadSecurity.com for more details!

* * *

Stay Informed With ISR News Alerts:

* * *

Follow us on Twitter

* * *

Anthony is a researcher, analyst and freelance writer living in beautiful Eugene, Oregon. Anthony founded Information-Security-Resources.com in 2008, and merged forces with the Infosec Island Network in January of 2010. Infosec Island is committed to serving the needs of SMBs and mid-market enterprises across many industries, as well as nonprofits, government agencies, educational organizations, and the infosec community at large. Contact Anthony at afreed@wireheadsecurity.com regarding all aspects of business development, client and community relations. Many opportunities are currently available for business and strategic alignment at Infosec Island.

The Publisher gives permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author and to Information-Security-Resources.com

Study Shows Employees Put Data at Risk

ADMIN — Thu, 11 Mar 2010 08:55:16 +0000

From www.databreaches.net

From the press release, results of the annual “Human Factor in Laptop Encryption” study by Absolute Software and the Ponemon Institute:

This year’s expanded study was conducted in the United Kingdom, Canada, France, Germany and Sweden, in addition to the United States.

The study found that 15% of German and 13% Swedish business managers have disengaged their encryption solution. In contrast, 52% of Canadian, 53% of British, and 50% of French business managers have disengaged their encryption, while U.S. business managers are the most likely to circumvent company data security policy – topping the survey at 60%.

Other key findings for the U.S. in this year’s study include the following:…

Continued: https://www.infosecisland.com/articleview/3244-Analyst-Study-Shows-Employees-Continue-to-Put-Data-at-Risk.html

All content from Information-Security-Resources.com will begin migrating to the Infosec Island Network:

We are pleased to announce that Infosec Island™ has acquired www.information-security-resources.com, one of the leading online news portals addressing security issues.

The two infosec communities will continue to be operated separately while ISR’s content is gradually migrated to the Infosec Island framework by mid-year.

Don’t miss out on your opportunity to win one of over $10k in service prizes in the Infosec Island Q1 Membership Drive!

Only completed profiles are automatically entered into the drawing. Registration is quick - it takes less than five minutes to complete.

Prizes include:

• The Grand Prize is a FREE core server license, including maintenance, of the Grid Data Security’s Enhanced Authentication Solution from SyferLock™. This prize has a value of up to $10,000.

• Second Prize – The member winning second prize will receive two myKryptofon security software products from I.D. Rank Security, valued at $690.

• Third Prize – Two third prize winners will receive an EncryptStick™ software application download from Onix International Inc.

Register now and win! https://www.infosecisland.com/

We are also seeking active security bloggers and forum moderators - a great way to increase your exposure and generate more business opportunities for your company.

Contact Anthony through your Island email account, or directly at afreed@WireHeadSecurity.com for more details!

* * *

Stay Informed With ISR News Alerts:

* * *

Follow us on Twitter

Tracking Google’s Script Kiddie Hackers

ADMIN — Wed, 10 Mar 2010 07:28:23 +0000

By Aeon Group

If you choose believe the writings of Mandiant, you’re under the impression that Chinese hackers are hellbent on taking over every large corporation in the United States.

If you choose to follow the writings of McAfee[2], you’re under the impression that “Chinese hackers only wanted Google’s secret sauce” – their source code.

If you choose to follow Damballa’s writings[3], the attackers who penetrated Google are amateur script kiddies. Take your pick, there is no lack of speculation.

News surrounding the attacks at Google and other companies are a dime a dozen and, while we have not seen any evidence publicly disclosed, we too can speculate along with everyone else.

My first thoughts surrounding the news of the attack led me to believe that the compromise may have been an inside job. The notion that Google was compromised via “spearphishing” [4] makes little sense.

The theory that IE6 [5] was the attack vector used makes even less sense. What we do know is that this entire Google fiasco is a learning experience that many will learn little from…

Continued: https://www.infosecisland.com/articleview/3235-Even-Einstein-Cant-Track-Googles-Script-Kiddie-Hackers.html

All content from Information-Security-Resources.com will begin migrating to the Infosec Island Network:

We are pleased to announce that Infosec Island™ has acquired www.information-security-resources.com, one of the leading online news portals addressing security issues.

The two infosec communities will continue to be operated separately while ISR’s content is gradually migrated to the Infosec Island framework by mid-year.

Don’t miss out on your opportunity to win one of over $10k in service prizes in the Infosec Island Q1 Membership Drive!

Only completed profiles are automatically entered into the drawing. Registration is quick - it takes less than five minutes to complete.

Prizes include:

• The Grand Prize is a FREE core server license, including maintenance, of the Grid Data Security’s Enhanced Authentication Solution from SyferLock™. This prize has a value of up to $10,000.

• Second Prize – The member winning second prize will receive two myKryptofon security software products from I.D. Rank Security, valued at $690.

• Third Prize – Two third prize winners will receive an EncryptStick™ software application download from Onix International Inc.

Register now and win! https://www.infosecisland.com/

We are also seeking active security bloggers and forum moderators - a great way to increase your exposure and generate more business opportunities for your company.

Contact Anthony through your Island email account, or directly at afreed@WireHeadSecurity.com for more details!

* * *

Stay Informed With ISR News Alerts:

* * *

Follow us on Twitter

Newbie Introduction to Digital Forensics Part 2

ADMIN — Wed, 10 Mar 2010 07:07:07 +0000

By Juan Granados

Up to this point in my career Digital Forensic Analysis consisted of a basic scan for documents from the exited employees hard drive.

Given the extensive nature of my past investigations, I was convinced that I could easily impress the executives at my company by doing more.

So, the research part of my journey began!

The information available on the internet can be a blessing and a curse at the same time. The multitude of information can be overwhelming for the newly annointed Padawan learner.

One thing was clear….Forensic analysis was an art rather than a science. My hope of finding a Cliff’s Notes version of Digital Forensics would prove to be impossible…

Continued: http://information-security-resources.com/wp-admin/post-new.php?posted=8369

All content from Information-Security-Resources.com will begin migrating to the Infosec Island Network:

We are pleased to announce that Infosec Island™ has acquired www.information-security-resources.com, one of the leading online news portals addressing security issues.

The two infosec communities will continue to be operated separately while ISR’s content is gradually migrated to the Infosec Island framework by mid-year.

Don’t miss out on your opportunity to win one of over $10k in service prizes in the Infosec Island Q1 Membership Drive!

Only completed profiles are automatically entered into the drawing. Registration is quick - it takes less than five minutes to complete.

Prizes include:

• The Grand Prize is a FREE core server license, including maintenance, of the Grid Data Security’s Enhanced Authentication Solution from SyferLock™. This prize has a value of up to $10,000.

• Second Prize – The member winning second prize will receive two myKryptofon security software products from I.D. Rank Security, valued at $690.

• Third Prize – Two third prize winners will receive an EncryptStick™ software application download from Onix International Inc.

Register now and win! https://www.infosecisland.com/

We are also seeking active security bloggers and forum moderators - a great way to increase your exposure and generate more business opportunities for your company.

Contact Anthony through your Island email account, or directly at afreed@WireHeadSecurity.com for more details!

* * *

Stay Informed With ISR News Alerts:

* * *

Follow us on Twitter

Simple Log Review Checklist Released

ADMIN — Wed, 10 Mar 2010 06:51:17 +0000

By Anton Chuvakin

Today, many people are looking for very simple solutions to big and complex problems – and the area of logging and log management is no exception.

Following that theme, we have created a “Critical Log Review Checklist for Security Incidents” which is released to the world today.

In addition to HTML, PDF or DOC versions are available as well (alternative hosting location is here).

Feel free to modify the checklist for your own purposes or for internal distribution in your organization - but please keep the attribution to the authors.

Continued: https://www.infosecisland.com/blogview/3220-Simple-Log-Review-Checklist-Released.html

All content from Information-Security-Resources.com will begin migrating to the Infosec Island Network:

We are pleased to announce that Infosec Island™ has acquired www.information-security-resources.com, one of the leading online news portals addressing security issues.

The two infosec communities will continue to be operated separately while ISR’s content is gradually migrated to the Infosec Island framework by mid-year.

Don’t miss out on your opportunity to win one of over $10k in service prizes in the Infosec Island Q1 Membership Drive!

Only completed profiles are automatically entered into the drawing. Registration is quick - it takes less than five minutes to complete.

Prizes include:

• The Grand Prize is a FREE core server license, including maintenance, of the Grid Data Security’s Enhanced Authentication Solution from SyferLock™. This prize has a value of up to $10,000.

• Second Prize – The member winning second prize will receive two myKryptofon security software products from I.D. Rank Security, valued at $690.

• Third Prize – Two third prize winners will receive an EncryptStick™ software application download from Onix International Inc.

Register now and win! https://www.infosecisland.com/

We are also seeking active security bloggers and forum moderators - a great way to increase your exposure and generate more business opportunities for your company.

Contact Anthony through your Island email account, or directly at afreed@WireHeadSecurity.com for more details!

* * *

Stay Informed With ISR News Alerts:

* * *

Follow us on Twitter

Press F1 for Help? Microsoft Zero Day Threat!

ADMIN — Tue, 09 Mar 2010 03:09:08 +0000

From Daniel Kennedy

Microsoft published security advisory 981169 yesterday in response to the zero day vulnerability reported a few days prior.

The vulnerability is in the help system and can be triggered by luring an Internet Explorer user into pressing the F1 key.

Windows 2000, Windows XP SP2 & SP3, and Windows 2003 SP2 with Internet Explorer 7 and Internet Explorer 8 are all affected.

Using the MsgBox VBScript function in an html file, an attacker can create a dialog box prompting the user to hit F1, something that is likely not difficult to do with a message such as “Internet Explorer encountered an error, press F1 to continue”.

The MsgBox function is important as its fourth argument specifies a helpfile parameter, basically which hlp or chm file to launch when the user asks for help via F1…

Continued: https://www.infosecisland.com/blogview/3219-Press-F1-for-Help-pwned.html

All content from Information-Security-Resources.com will begin migrating to the Infosec Island Network:

We are pleased to announce that Infosec Island™ has acquired www.information-security-resources.com, one of the leading online news portals addressing security issues.

The two infosec communities will continue to be operated separately while ISR’s content is gradually migrated to the Infosec Island framework by mid-year.

Don’t miss out on your opportunity to win one of over $10k in service prizes in the Infosec Island Q1 Membership Drive!

Only completed profiles are automatically entered into the drawing. Registration is quick - it takes less than five minutes to complete.

Prizes include:

• The Grand Prize is a FREE core server license, including maintenance, of the Grid Data Security’s Enhanced Authentication Solution from SyferLock™. This prize has a value of up to $10,000.

• Second Prize – The member winning second prize will receive two myKryptofon security software products from I.D. Rank Security, valued at $690.

• Third Prize – Two third prize winners will receive an EncryptStick™ software application download from Onix International Inc.

Register now and win! https://www.infosecisland.com/

We are also seeking active security bloggers and forum moderators - a great way to increase your exposure and generate more business opportunities for your company.

Contact Anthony through your Island email account, or directly at afreed@WireHeadSecurity.com for more details!

* * *

Stay Informed With ISR News Alerts:

* * *

Follow us on Twitter

A Newbie’s Introduction to Digital Forensics

ADMIN — Tue, 09 Mar 2010 02:58:26 +0000

From Juan Granados

The economic and business challenges of the last year have forced changes to business priorities in many areas. For IT, increased scrutiny was placed on data leakage and security.

When times are good, businesses can become distracted with new products and technologies. It is not until budgets are cut that the focus moves inward.

This shift can be very hard for IT professional who are used to the “fast paced” environment that higher IT budgets create.

For IT management, the need for increased internal security can be a very uncomfortable transition. Being an ex-Police officer, this company shift was much easier for me to digest. However, I had no idea that these two “worlds” would collide so quickly.

So, what does an IT manager do when the company shifts toward a compliance focus?

Continued: https://www.infosecisland.com/blogview/3213-Newbie-introduction-to-digital-forensics-Part-1.html

All content from Information-Security-Resources.com will begin migrating to the Infosec Island Network:

We are pleased to announce that Infosec Island™ has acquired www.information-security-resources.com, one of the leading online news portals addressing security issues.

The two infosec communities will continue to be operated separately while ISR’s content is gradually migrated to the Infosec Island framework by mid-year.

Don’t miss out on your opportunity to win one of over $10k in service prizes in the Infosec Island Q1 Membership Drive!

Only completed profiles are automatically entered into the drawing. Registration is quick - it takes less than five minutes to complete.

Prizes include:

• The Grand Prize is a FREE core server license, including maintenance, of the Grid Data Security’s Enhanced Authentication Solution from SyferLock™. This prize has a value of up to $10,000.

• Second Prize – The member winning second prize will receive two myKryptofon security software products from I.D. Rank Security, valued at $690.

• Third Prize – Two third prize winners will receive an EncryptStick™ software application download from Onix International Inc.

Register now and win! https://www.infosecisland.com/

We are also seeking active security bloggers and forum moderators - a great way to increase your exposure and generate more business opportunities for your company.

Contact Anthony through your Island email account, or directly at afreed@WireHeadSecurity.com for more details!

* * *

Stay Informed With ISR News Alerts:

* * *

Follow us on Twitter

Security Best Practice: Trust But Verify…

ADMIN — Tue, 09 Mar 2010 02:50:22 +0000

From Jason Remillard

This highlights a major issue that we have been discussing for a long time with all of our customers — that is, the need for ongoing Malware detection scanning.

Your site might be nailed down. Your site might be clean from SQL injection, Apache flaws, cross site scripting, and the myriads of other issues associated with open source and custom developed software.

However if you run any sort of ad network, widgets, or anything else that inserts code from other sites you are running a major risk.

Very interestingly enough, in the past five or six days we have been detecting ad networks including Google Adsense, Adultadwords, and Adbrite allowing malware-laden ads on their networks.

We are not the only ones who have identified this issue, check out the following links for more information about them..

Continued: https://www.infosecisland.com/blogview/3210-Trust-but-verify.html

All content from Information-Security-Resources.com will begin migrating to the Infosec Island Network:

We are pleased to announce that Infosec Island™ has acquired www.information-security-resources.com, one of the leading online news portals addressing security issues.

The two infosec communities will continue to be operated separately while ISR’s content is gradually migrated to the Infosec Island framework by mid-year.

Don’t miss out on your opportunity to win one of over $10k in service prizes in the Infosec Island Q1 Membership Drive!

Only completed profiles are automatically entered into the drawing. Registration is quick - it takes less than five minutes to complete.

Prizes include:

• The Grand Prize is a FREE core server license, including maintenance, of the Grid Data Security’s Enhanced Authentication Solution from SyferLock™. This prize has a value of up to $10,000.

• Second Prize – The member winning second prize will receive two myKryptofon security software products from I.D. Rank Security, valued at $690.

• Third Prize – Two third prize winners will receive an EncryptStick™ software application download from Onix International Inc.

Register now and win! https://www.infosecisland.com/

We are also seeking active security bloggers and forum moderators - a great way to increase your exposure and generate more business opportunities for your company.

Contact Anthony through your Island email account, or directly at afreed@WireHeadSecurity.com for more details!

* * *

Stay Informed With ISR News Alerts:

* * *

Follow us on Twitter

Google, Adobe, and Big Oil Under Attack!

ADMIN — Tue, 09 Mar 2010 02:38:40 +0000

From Ted LeRoy

The work of protecting information is becoming more difficult with time.

The recently discovered attacks on Google, Adobe, Marathon Oil, ExxonMobil, and ConocoPhillips illustrate an alarming trend.

The attacks even gave rise to a new attack model, the Advanced Persistent Threat (APT).

Other traits that may be found in an Advanced Persistent Threat attack are spear phishing “C” level executives and others to gain access to their systems, and employing zero-day exploits.

The command and control (C&C) for these exploits may utilize encrypted channels making them hard to detect.

Some of the most disturbing aspects of APT attacks are…

Continued: https://www.infosecisland.com/blogview/3205-Google-Adobe-and-Big-Oil-Attack-Commonalities.html

All content from Information-Security-Resources.com will begin migrating to the Infosec Island Network:

We are pleased to announce that Infosec Island™ has acquired www.information-security-resources.com, one of the leading online news portals addressing security issues.

The two infosec communities will continue to be operated separately while ISR’s content is gradually migrated to the Infosec Island framework by mid-year.

Don’t miss out on your opportunity to win one of over $10k in service prizes in the Infosec Island Q1 Membership Drive!

Only completed profiles are automatically entered into the drawing. Registration is quick - it takes less than five minutes to complete.

Prizes include:

• The Grand Prize is a FREE core server license, including maintenance, of the Grid Data Security’s Enhanced Authentication Solution from SyferLock™. This prize has a value of up to $10,000.

• Second Prize – The member winning second prize will receive two myKryptofon security software products from I.D. Rank Security, valued at $690.

• Third Prize – Two third prize winners will receive an EncryptStick™ software application download from Onix International Inc.

Register now and win! https://www.infosecisland.com/

We are also seeking active security bloggers and forum moderators - a great way to increase your exposure and generate more business opportunities for your company.

Contact Anthony through your Island email account, or directly at afreed@WireHeadSecurity.com for more details!

* * *

Stay Informed With ISR News Alerts:

* * *

Follow us on Twitter

Building your OWN Malware Lab (Part 2)

ADMIN — Mon, 08 Mar 2010 08:21:37 +0000

By Mourad Ben Lakhoua

Today’s Malware Strategy and Tactics are advanced and sophisticated. The main easonr for that is to trick antiviruses.

Some are using encryption to make it difficult for any security software product to add any an AutoRun to the registry entries to defend itself against anti-malware software, or just by adding a line to the host file to prevent the antivirus from updating their definition.

ThreatExpert is an advanced automated threat analysis system designed to analyze and report the behavior of computer viruses, worms, trojans, adware, spyware, and other security-related risks in a fully automated mode.

The report by ThreatExpert includes very important information regarding any file and is divided to two parts…

Continued: https://www.infosecisland.com/blogview/3199-Building-your-OWN-Malware-Lab-Part-2.html

All content from Information-Security-Resources.com will begin migrating to the Infosec Island Network:

We are pleased to announce that Infosec Island™ has acquired www.information-security-resources.com, one of the leading online news portals addressing security issues.

The two infosec communities will continue to be operated separately while ISR’s content is gradually migrated to the Infosec Island framework by mid-year.

Don’t miss out on your opportunity to win one of over $10k in service prizes in the Infosec Island Q1 Membership Drive!

Only completed profiles are automatically entered into the drawing. Registration is quick - it takes less than five minutes to complete.

Prizes include:

• The Grand Prize is a FREE core server license, including maintenance, of the Grid Data Security’s Enhanced Authentication Solution from SyferLock™. This prize has a value of up to $10,000.

• Second Prize – The member winning second prize will receive two myKryptofon security software products from I.D. Rank Security, valued at $690.

• Third Prize – Two third prize winners will receive an EncryptStick™ software application download from Onix International Inc.

Register now and win! https://www.infosecisland.com/

We are also seeking active security bloggers and forum moderators - a great way to increase your exposure and generate more business opportunities for your company.

Contact Anthony through your Island email account, or directly at afreed@WireHeadSecurity.com for more details!

* * *

Stay Informed With ISR News Alerts:

* * *

Follow us on Twitter

How Twitter Spam Steals From Google, Yahoo!

ADMIN — Mon, 08 Mar 2010 08:00:38 +0000

From Chester Wisniewski

Scammers have been devising ways to ride on someone else’s coattails since the dawn of time.

With every new technology they find another way to make money from nothing.

Today I am going to highlight a method that involves Twitter, Yahoo!, and Google AdSense.

I was innocently monitoring my Twitter feed last night when I saw someone tweet “Sophos acquires anti-spam specialist ActiveState.: An article from: Software Industry Report hxxp://censored”.

Interesting… I used to work at ActiveState and know we were acquired in 2003. Something was fishy…

Continued: https://www.infosecisland.com/blogview/3198-How-Twitter-spam-steals-from-Google-Yahoo.html

All content from Information-Security-Resources.com will begin migrating to the Infosec Island Network:

We are pleased to announce that Infosec Island™ has acquired www.information-security-resources.com, one of the leading online news portals addressing security issues.

The two infosec communities will continue to be operated separately while ISR’s content is gradually migrated to the Infosec Island framework by mid-year.

Don’t miss out on your opportunity to win one of over $10k in service prizes in the Infosec Island Q1 Membership Drive!

Only completed profiles are automatically entered into the drawing. Registration is quick - it takes less than five minutes to complete.

Prizes include:

• The Grand Prize is a FREE core server license, including maintenance, of the Grid Data Security’s Enhanced Authentication Solution from SyferLock™. This prize has a value of up to $10,000.

• Second Prize – The member winning second prize will receive two myKryptofon security software products from I.D. Rank Security, valued at $690.

• Third Prize – Two third prize winners will receive an EncryptStick™ software application download from Onix International Inc.

Register now and win! https://www.infosecisland.com/

We are also seeking active security bloggers and forum moderators - a great way to increase your exposure and generate more business opportunities for your company.

Contact Anthony through your Island email account, or directly at afreed@WireHeadSecurity.com for more details!

* * *

Stay Informed With ISR News Alerts:

* * *

Follow us on Twitter

Tech Stocks Week in Review Featuring iPad

ADMIN — Sun, 07 Mar 2010 21:31:01 +0000

From Trefis.com

Trefis, named for its focus on trends, forecasts, and insights, is revolutionary in its forward-looking approach to stock analysis, which incorporates an intuitive look at the relationship between a company’s product divisions and its stock price. More about Trefis: Innovative Analytic Tool Empowers Investors

Below is a summary of the activity on Trefis during the past week that we thought you would find interesting.

Insights from the Week

Apple Stock: iPad Business More Valuable Than Mac Desktops on March 2, 2010 We estimate that Apple’s iPad business accounts for 4% of the $267 Trefis price estimate for Apple’s stock compared to about 3% for Apple’s Mac desktop business…
Trefis Analysis: What percent of eBay’s stock is PayPal? on March 5, 2010 eBay is known primarily for its marketplaces (ebay.com, half.com) where buyers and sellers exchange a variety of merchandise online. However, the company also makes a significant amount of money from its online payments platform, PayPal…
Shifting Consumer Preference from Buying to Renting DVDs Can Benefit Netflix’s Stock on March 5, 2010 Netflix, which makes money by charging monthly subscription fees to its movie rental customers, can benefit from the shift in consumer preference to renting instead of owning DVDs…
Qualcomm’s Mobile TV App Drives Demand for Powerful Mobile Chips on March 5, 2010 Although the direct contribution of the mobile TV business for Qualcomm is small, demand for mobile TV can drive sales of more powerful Qualcomm mobile phone chipset …
iPhone Could Overtake BlackBerry Market Share in 2011 on March 5, 2010 RIM’s market share lead over Apple has been shrinking and we estimate that Apple will be able to overtake RIM market share by early 2011…
Microsoft’s Deal with Yahoo Could Hurt Google’s Stock on March 5, 2010 We believe that the Microsoft-Yahoo Search partnership will improve the Bing search engine by giving Microsoft access to all Yahoo searches…
Disney Characters Drive $8 billion Disney Consumer Merchandise Business on March 4, 2010 We estimate that Disney’s consumer products business is worth about $8 billion and contributes about 10% of the $36.73 of Trefis price estimate for Disney’s stoc …

Verizon and Vodafone Can Help Google Sell 5 Million Smartphones in 2010 on March 4, 2010 Google’s recently launched smartphone, the Nexus One, is likely to be sold by Verizon in addition to T-Mobile soon…
Comcast Deal Can Slow Symantec’s Market Share Declines on March 4, 2010 Apple sold about 43 million iPhones globally from June 2007 through the end of 2009. During the same period, AT&T’s subscriber count increased by about 22 million, implying more than a 2% rise in market share…
Market Share Declines Could Hurt Motorola on March 3, 2010 Symantec recently won a deal over its competitor McAfee (NYSE:MFE) to provide its Norton Suite of antivirus software to Comcast’s 15 million high speed internet customers…
Apple’s iPad can help New York Times’ online ad business and boost NYT stock on March 3, 2010 Taking cues from the positive impact of smartphones on nytimes.com viewership, we expect that the iPad can have some impact on the website’s unique visitors if iPad sales trend as we forecast…
27% of Qualcomm’s Stock is Value of its Cash on March 3, 2010 Qualcomm provides the technology used in many of the mobile phones sold today and the royalties that it earns from the use of its technology helps drive growth of its cash balanc …
Cisco’s Router Business is Worth More Than $20 billion on March 2, 2010 We estimate that Cisco’s router business constitutes more than $20 billion of Cisco’s value, which implies that about 15% of the $23 Trefis price estimate for Cisco’s stock is from router …
Increased political ad spend benefits CBS; upside to stock is small on March 1, 2010 Typically, political ad dollars are spent with big media companies that own broadcast networks (CBS, ABC, NBC, Fox). We expect CBS, one of the leading broadcast networks, to earn a significant share of the extra ad dollars…
Trefis Analysis: What percent of Apple’s stock is Apple TV? on March 1, 2010 Apple launched Apple TV in early 2007 and has only sold about 10 million Apple TV units to date. In comparison, the company has sold more than 40 million iPhones since the launch of the device in mid-2007…
30% Upside for Sprint Stock if it Can Revert Subscriber Losses on March 1, 2010 The company is making efforts to improve its network and quality of customer service that could lead to a reversal in the subscriber trend and boost Sprint’s stock…
iPad Gross Profit Margins Higher than iPod and Kindle Margins on March 1, 2010 Apple’s gross profit margin on the first generation iPads sold in 2010 is expected to be around 55%…

Community Activity

Netflix community price decreased from $65.61 to $61.89
23 community model updates in the past week
RIM community price increased from $83.57 to $88.49
14 community model updates in the past week

New York Times community price increased from $13.23 to $15.22
4 community model updates in the past week

Active Stocks

SanDisk increased 14% from $29.15 to $33.32 (Trefis price was $30.15, and we kept it unchanged) You can see our complete model for SanDisk here.

Monster increased 12% from $13.95 to $15.68 (Trefis price was $10.70, and we kept it unchanged)You can see our complete model for Monster here.

CBS increased 12% from $12.99 to $14.57 (Trefis price was $9.22, and we kept it unchanged)
You can see our complete model for CBS here.

* * *

Stay Informed With ISR News Alerts:

* * *

Follow us on Twitter

* * *

The Publisher gives permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author and to Information-Security-Resources.com

DoD Endorses Certification for Hackers

ADMIN — Fri, 05 Mar 2010 05:46:52 +0000

Fom Saumil Shah

The U.S. Department of Defense (DoD) announces the official approval of the EC-Council Certified Ethical Hacker (CEH) certification program as a new baseline skills requirement for U.S.cyber defenders.

Specifically, the new Certified Ethical Hacker program is required for the DoD’s computer network defenders (CND’s), a specialized personnel classification within the DoD’s information assurance workforce.

The Certified Ethical Hacker requirement falls under the auspices of DoD Directive 8570 Information Assurance Workforce Improvement Program.

The current version (incorporating Change 2) was signed by Assistant Secretary of Defense, John G. Grimes and was officially instated on February 25, 2010.

Directive 8570 provides clear guidance to information assurance training, certification and workforce management across all components of the DoD…

Continued : https://www.infosecisland.com/articleview/3061-United-States-Department-of-Defense-Embraces-Hacker-Certification-to-Protect-US-Interests.html

All content from Information-Security-Resources.com will begin migrating to the Infosec Island Network:

We are pleased to announce that Infosec Island™ has acquired www.information-security-resources.com, one of the leading online news portals addressing security issues.

The two infosec communities will continue to be operated separately while ISR’s content is gradually migrated to the Infosec Island framework by mid-year.

Don’t miss out on your opportunity to win one of over $10k in service prizes in the Infosec Island Q1 Membership Drive!

Only completed profiles are automatically entered into the drawing. Registration is quick - it takes less than five minutes to complete.

Prizes include:

• The Grand Prize is a FREE core server license, including maintenance, of the Grid Data Security’s Enhanced Authentication Solution from SyferLock™. This prize has a value of up to $10,000.

• Second Prize – The member winning second prize will receive two myKryptofon security software products from I.D. Rank Security, valued at $690.

• Third Prize – Two third prize winners will receive an EncryptStick™ software application download from Onix International Inc.

Register now and win! https://www.infosecisland.com/

We are also seeking active security bloggers and forum moderators - a great way to increase your exposure and generate more business opportunities for your company.

Contact Anthony through your Island email account, or directly at afreed@WireHeadSecurity.com for more details!

* * *

Stay Informed With ISR News Alerts:

* * *