infosec4all.com

Insidious Worm Makes Unauthorized Purchases When Computer User Is Drunk

Branko S. Bokan — Sun, 21 Feb 2010 04:26:32 +0000

Insidious Worm Makes Unauthorized Purchases When Computer User Is Drunk

The rise of the cyber war

Branko S. Bokan — Sat, 06 Feb 2010 22:14:05 +0000

Dilbert on infosec

admin — Tue, 24 Nov 2009 15:28:17 +0000

Cloud Computing Risk Assessment

admin — Tue, 24 Nov 2009 15:23:50 +0000

The European Network and Information Security Agency (ENISA) identified 35 key security risks of cloud computing. Supported by a group of subject matter expert comprising representatives from Industries, Academia and Governmental Organizations, ENISA has conducted a risks assessment on cloud computing business model and technologies. The report provide also a set of practical recommendations.

http://www.enisa.europa.eu/act/rm/files/deliverables/cloud-computing-risk-assessment/

Information Security Jobs in 2009

Branko S. Bokan — Thu, 17 Sep 2009 18:06:13 +0000

Foote Partners LLC released updated report on trends in IT skills, certifications, and pay. “[... the] trends survey research indicates that the recession has had only a minimal impact on demand for critical IT skills in the areas such as architecture, business process, information security, communications, e-commerce and several ERP and infrastructure specializations”. Click here to download a free copy of 2009 IT Skills Trends Report Update.

PCI Security Standards Council Guidelines for Deploying WLANs

Branko S. Bokan — Tue, 21 Jul 2009 15:57:12 +0000

PCI Security Standards Council issues guidance and installation suggestions for testing and deploying 802.11 Wireless Local Area Networks.

More…

Predicting Social Security numbers from public data

Branko S. Bokan — Thu, 09 Jul 2009 19:01:10 +0000

This is nothing new. I already blogged about covert channels and how publicly available data can be used to accurately guess personal information.

[...]Using only publicly available information, we observed a correlation between individuals’ SSNs and their birth data [...] The inferences are made possible by the public availability of the Social Security Administration’s Death Master File and the widespread accessibility of personal information from multiple sources, [...] results highlight the unexpected privacy consequences of the complex interactions among multiple data sources in modern information economies [...]

Full article.

UK Government Launches Cybersecurity Agency with Cyberattack Capability

Branko S. Bokan — Thu, 25 Jun 2009 17:44:35 +0000

The Office of Cyber Security (OCS), dedicated to protecting Britain’s IT infrastructure, will be created in line with a model proposed — and in part practised by the US.

The government will develop information systems to allow it to launch denial-of-service attacks and to spy on chosen targets…

At the same time Defense Secretary Robert Gates ordered the establishment of a U.S. Cyber Command to protect military networks and organize digital security efforts underway at the Pentagon.

The command also is charged with “synchronizing warfighting effects across the global security environment, as well as providing support to civil authorities and international partners,” according to a memo issued Tuesday by Gates to senior military officials.

BackTrack 4 released

Branko S. Bokan — Thu, 25 Jun 2009 17:40:00 +0000

BackTrack is the most top rated linux live distribution focused on penetration testing. With no installation whatsoever, the analysis platform is started directly from the CD-Rom and is fully accessible within minutes.
For more information visit: http://remote-exploit.org/backtrack.html

CNN on credit card theft

Branko S. Bokan — Mon, 23 Feb 2009 23:21:04 +0000

I already wrote about this topic. It cannot be stressed enough that credit card theft is not identity theft. However, an interesting video from CNN: