Showing posts from 2009

Today's Security Variety

TLS Renegotiation Vulnerability

RBS Worldpay Reading

Evil Maid and the Challenges of Full Disk Encryption

NIST SMB Security Guide - Steps in the Right Direction

Mandating Protection, Society and Seatbelts

Simple and Free File Examination

Gonzalez, Toey - Ringleaders?

Albert Gonzalez aka soup Nazi - 130M Records?

Ineffective Laptop Recovery Software + Whitelisted Persistent BIOS Rootkit = Fail!

PCI Compliance - Brand Fines Changing?

Top 10 Botnets

Twitter Hack - Techcrunch Ethics

Anti-virus Statistics - Motivations

White-hat Budgeting

Mobile Device Protection - Is this not standard practice yet?

Blackhat Economics - Are you feeling safe today?

New HTTP Flooding Tool - Apache Default Configuration

New Research on RFC1918 Describes Vulnerabilities

US Cyber Security Report and Press Conference

Java Vulnerability within Fully Patched OSX - POC

OpenSolaris, ZFS, iSCSI and OSX - Creative Storage - Part II

PCI Compliance - IT or Legal Issue - New Paper

New Link, RSA Conference 2009 - Webcasts

New report released! - Office of the Auditor General of Alberta

New Updates Conficker - April 9th

OpenSolaris, ZFS, iSCSI and OSX - Creative Storage - Part I

Conficker Reporting

Older TOR Research Paper - Privacy and Security Study

Securing OSX - Apple's Leopard Security Guide

Charlie Miller - Toms Hardware Exclusive

SmartPhone Pwn2Own Results Reflect Security of the Device?

A few more details regarding the persistent BIOS infection

PII Guide Draft from NIST - SP800-122

Update from CanSecWest

Updates from CanSecWest

Prioritizing PCI Compliance Activity

FISMA - Compliance Guidance Drafted by CSIS

Zero day targeted threats - don't panic if they are targeted?

Alberta's Audit of IT Security Halted

ISACA Publication - RISK IT governance processes for managing IT Risks

New Google Maps for Mobile - Latitude

Application Security Procurement Language

ISC2 Releases Online Resource Guide

Aligning Online Security Interests

Completely Automated Brief History - Completely Automated Public Turing Test to Tell Computers and Humans Apart

OS X Forensics Resources

ISACA Publication - Defining Information Security Manager Position Requirements

Responsibility for Public Information Security Training

3rd Largest Data Breach Reported

Security Strengths of Cloud Services

SANS Top 25 Programming Errors

Forensics Links