User Blogs

May 24
2012

IT Security: Preventing Insider Threat

Posted by Robert Siciliano in IT Security , Insider Threat

A “Logic Bomb” isn’t really logical, it’s a virus, designed to take down your corporate network and disable existing systems that may monitor data, protect it, back it up or access it. A logic bomb is designed to multiply like any virus and spread throughout a network multiplying its effects.

Mar 23
2012

Don’t Let Location-Based Services Put You in Danger

Posted by Robert Siciliano in IT Security

Location-based services utilize geo-location information to publish your whereabouts. In some cases, these services can also provide discounts or freebies as a reward for “checking in” at participating businesses and gathering “points.” These services can also be used to share photos and other media in real-time with your friends and followers.

Jan 18
2012

Security Beyond the Desktop

Posted by Robert Siciliano in IT Security

A defensive posture no longer suffices for the protection of the devices and data that have become ubiquitous in today’s digital world. Rather than simply rushing to install defenses on computers, in networks, and in the cloud, we urgently need to step back and take a broader view of the security landscape, in order to take more calculated preemptive measures.

Oct 18
2011

Consumers Need to Rethink IT Security and Safety

Posted by Robert Siciliano in Mobile Devices , IT Security

Hackers and crackers and data breaches! Oh my! Confused? Overwhelmed? Don’t care? You should, and there’s help.

Aug 10
2011

Improving the IT & Security Industry - A Top-Down Effort

Posted by Don Eijndhoven in IT Security

The ever ongoing debate about quality IT staff once again received a nudge, this time by an article of J. Oquendo. In his article he takes another brutally honest stab at the Industry by pointing out that the new Shady RAT attacks aren't that new and would have been easily caught by capable personnel. I agree with that view very strongly and would also like to point out that Shady RAT is really no different than Night Dragon in that both attack waves used techniques that have been known for a decade or more. Obviously someone is asleep at the wheel, but who?

Aug 03
2011

FFIEC Mandates “System Of Layered Security” to Combat Fraud

Posted by Robert Siciliano in IT Security , Fraud , FFIEC , Federal Government

For any cave-dwelling, living-under-a-rock, head-in-the-sand, naïve, under-informed members of society who aren’t paying attention, we have serious cyber-security issues on our hands.

Black hat hackers, who break into networks to steal for financial gain, are wreaking havoc on banks, retailers, online gaming websites, and social media. Black hats cost these companies and their clients billions of dollars every year. They are using stolen usernames and passwords to transfer money through wire transfers, Automated Clearing House (ACH) and through billing fraud.

Jul 19
2011

Social Networking Security Awareness

Posted by Robert Siciliano in Social Media , IT Security

One in five online consumers has been a victim of cybercrime in the past two years. Social networking is a direct link to the problem. While social networks allow you to keep in touch with family and friends, there are issues to be concerned about.

Jun 03
2011

Security Awareness and Why Things Aren't Improving

Posted by Don Eijndhoven in IT Security

Earlier this week news broke of Google's interruption of a large-scale phishing expedition, which alluded to some state involvement of China. This inspired a host of experts to write about it and J Oquendo's article on InfoSecIsland inspired me to write mine. In his article Mr. Oquendo asserts that it's remarkable (read: stupid) that US officials still seem to be using commercial email services such as GMail for exchange of security sensitive and sometimes mission-critical information, instead of using the available high-security services offered by the US Government that they should be using. In this day and age, with a nearly constant barrage of security breaches in the news, people don't seem to be getting any more aware of security issues.

May 11
2011

Top 5 Business Security Risks

Posted by Robert Siciliano in Risk Management , IT Security , Data Backup

1. Data Breaches: Businesses suffer most often from data breaches, making up 35% of total breaches. Medical and healthcare services are also frequent targets, accounting for 29.1% of breaches. Government and military make up 16.2%, banking, credit, and financial services account for 10.5%, and 9.2% of breaches occur in educational institutes.

Apr 15
2011

Study Shows Single Software Security Incidents Costs Average $300,000

Posted by Robert Siciliano in IT Security , HP , Aberdeen Group

A recent study of more than 150 organizations conducted by Aberdeen Group(1) found that the average total cost to remediate a single application security incident is approximately $300,000. As security incidents can happen at any point in the application life cycle, modernization initiatives can prove especially costly if they are not proactively secured from development to operations.

Apr 14
2011

Epsilon Breach Will Impact Consumers for Years

Posted by Robert Siciliano in IT Security , Epsilon

This week consumers are receiving messages from trusted companies such as 1-800-Flowers, Chase, Hilton HHonors and others, letting them know that their e-mail addresses have been exposed due to the recent Epsilon data breach. This provides a perfect opportunity for cybercriminals, who may try to take advantage of the breach to send out phishing e-mails designed to steal user names and passwords. Since consumers are receiving legitimate e-mails, they may be less suspicious of the phishing or spear phishing ones.

Mar 27
2011

Cyber Deterrence - Methods & Effectiveness

Posted by Don Eijndhoven in IT Security

The term "Cyber Deterrence" is gaining traction lately, with regard to the act of deterring cyber attacks. I've seen at least one author (Richard Clarke) use it in his book about Cyber Warfare. In many cases the proponents of this term invoke existing Deterrence Strategies such as the MAD doctrine that was used to prevent Nuclear weapons during the Cold War, and use it as a model on Cyber Warfare.
