Category: Security News
-
RSA Discusses The Challenge of Securing RFID
RSA researcher Ari Juels sat down with SearchSecurity.com to discuss various topics. One of which was the constrained capabilities of RFID (like wireless bar codes), and how it affects the security posture needed to secure these devices. But, in fact, it’s possible to shoehorn in capabilities for which these tags were not explicitly designed. For…
-
Wanted:Someone to run National Cybersecurity
There is a cNet report on the director of the NSA stating “We do not want to run cybersecurity for the U.S. government” At least not for all the government agencies, just a select few. With all the latest high profile security breaches on government facilities the brutal honesty of the statement is understood. And…
-
Cisco PIX & ASA Multiple DoS, ACL Bypass, & Authentication Bypass Vulnerabilities (Bugtraq ID:34429)
Some fairly critical issues disclosed on a very popular security product. Cisco PIX Security Appliance and ASA 5500 Series Adaptive Security Appliance are prone to multiple denial-of-service vulnerabilities, an ACL-bypass vulnerability, and an authentication-bypass vulnerability. Read More Here … An attacker can use readily available network utilities to exploit these issues. The following example data…
-
The Secret Battles of Electronic Warfare
This is not the first time we have mentioned the rise of computer security related crimes or pointed out the hacking of or weaknesses of many critical metropolitan infrastructures. With that said the recent hacking events first mentioned over the past weekend does again cast a big bright light on how living in our ‘digital…
-
Pen Testing with RUBY
It was in 2006 that the language known as RUBY was fully accepted as a standard language. The self described “open source programming language with a focus on simplicity and productivity” is one of the more powerful languages in use today. The folks over at Matasano Security (not affiliated with “matz” Y.Matsumoto the creator of…
-
LSYiPDT: Biometric Security Software
While the concept is pretty clear the development team is having some issue with resources ($$). You can read more about the concept first shown in the Android Dev Challenge at Androidandme.com. You can also show your support for the dev team by voting for them to help get some funding here. I am pretty…
-
Conflicted by Conflicker
As posted in the “Waiting for the Worms” article below the conflicker worm was MIA on April 1st along with all the Gloom N Doom forecasted by the IT security industry. There is an interesting article posted by SearchSecurity.com that talks about not only possible reasons for the fizzle of the worm but also the…
-
Article: How to evaluate and manage UTM for network security
Unified threat management (UTM) is a promising approach to consolidating security controls, including firewalls, intrusion prevention, anti-virus, content filtering, and reporting. Read More Here
-
Waiting for the Worms
As anyone who have heard any news media source lately may already know. Today is April Fool’s Day, and also “worm” day. For those that are unfamiliar the worms first started back in 1988 and was released by accident (so the story goes) by a researcher named Robert Morris. Today this has evolved quite a…
-
Excerpt from “The Truth About Identity Theft”
It is common to read about various social engineering attack scenario’s in many of today’s IT security based books. None the less just like the need to constantly drill this information into the minds of the non tech users of many organizations. It makes for a better story when the scenario can be drawn from…
[security.pimp] 