Articles In Security

By Gotham, Posted in Security

Vulnerability assessments examine an organization's environment, and identify and quantify vulnerabilities and their potential threats to the organization. A vulnerability assessment is an in-depth evaluation of an organization’s security posture, concentrating on the flaws (configuration, processes, policies, etc.) that cause and allow vulnerabilities to be created in the first place. The value proposition of a vulnerability assessment is an organization's visibility into their internal security controls –... read more.

  • June 25, 2012

By Russell D. Vines, Posted in Security

As the recent LinkedIn and eHarmony hacks demonstrate, ignoring security best practices is not just a problem with indie music sites and gaming sites. After six million LinkedIn passwords were hacked and posted to a Russian forum, many security experts were surprised to find out how weakly the company protected the large volumes of data under its care. For one thing, LinkedIn does not have a CSO or CISO with sole responsibility to enforce and test security, unusual for a company of its size. LinkedIn has... read more.

  • June 21, 2012

By Russell D. Vines, Posted in Security

If you connect an unpatched, unprotected Windows PC  to the Internet, how long will it take before it’s infected by malware? The SANS Internet Storm Center recently posted a series of calculators that estimate how long an unpatched system could exist on the Internet before it became infected. Calculating survival time (the average time between reports generated by worms attempting to propagate) has been a security exercise for a long time now, but seems more relevant in the age of totally automated bots... read more.

  • June 20, 2012

By Russell D. Vines, Posted in Security

Highly sophisticated malware has been used to spy on countries, particularly in the Middle East, for at least a couple of years. An advanced worm formally known as Worm.Win32.Flame is just now starting to have a big impact. While its targets are similar to Stuxnet—that is, it appears to be a very focused state-sponsored attack on Middle Eastern countries—its code is written a bit differently from Stuxnet and Duqu, two viruses that were created for government-to-government attacks. For one thing, it’s... read more.

  • June 19, 2012

By Gotham, Posted in Security

From the Citrix eDocs Glossary: A demilitarized zone (DMZ) is a network isolated from the trusted or secure network by a firewall. Network administrators often isolate public resources, such as Web or email servers, in the DMZ to prevent an intruder from attacking the internal network. ... read more.

  • June 13, 2012

By Gotham, Posted in Security

From the Citrix eDocs Glossary: A demilitarized zone (DMZ) is a network isolated from the trusted or secure network by a firewall. Network administrators often isolate public resources, such as Web or email servers, in the DMZ to prevent an intruder from attacking the internal network. ... read more.

  • June 13, 2012

By Russell D. Vines, Posted in Security

If you visit Wikipedia and see ads popping up, you've probably been hit by a specific browser-based infection known as click fraud malware. Although not particularly dangerous, this malware exploits browser extensions to increase affiliate revenue by injecting ads into pages and highjacking search queries. In a blog post on Monday, Wikipedia reminded users that it never runs ads, other than fundraising for Wikipedia itself. The reason it's easier to spot the ads on Wikipedia than it is on other sites is... read more.

  • May 16, 2012

By Russell D. Vines, Posted in Security

First discovered in 2007, the Trojan known as DNSChanger (also called "RSPlug," "Puper," and "Jahlav") has infected millions of Windows PCs and Macs worldwide. Last year the FBI, in an operation called Ghost Click, arrested the Estonian crime ring responsible and seized the rogue network built to redirect users’ DNS settings to bad Web sites. Case closed, right? Bad guys in the joint, $14 million malware enterprise stopped, time to shut down the offending hardware? Well, it’s not that simple. Due to t... read more.

  • April 26, 2012

By Russell D. Vines, Posted in Security

As reported in the New York Times, Wall Street Journal and many other news outlets today, payment processor Global Payments suffered a major security breach affecting both the MasterCard and Visa card brands. With the loss originally estimated at 50,000 credit and debit card accounts, that number has been recently revised upwards to a possible three million to ten million. Global Payments in Atlanta is an intermediary between merchants and card processors. After the possible breach was reported, trading... read more.

  • March 30, 2012

By Gotham, Posted in Security

Microsoft has released a security update to patch a critical vulnerability in the Remote Desktop Protocol (RDP). From TechNet: This security update resolves two privately reported vulnerabilities in the Remote Desktop Protocol. The more severe of these vulnerabilities could allow remote code execution if an attacker sends a sequence of specially crafted RDP packets to an affected system. By default, the Remote Desktop Protocol (RDP) is not enabled on any Windows operating system. Systems that do not have... read more.

  • March 26, 2012