I saw this news article tonight and had to laugh… “We all recognize that the Web site is important to the community,” Mayor Roy Robinson said. “We’ve tried to save money to build our own Web site. We should be designating a certain amount of money to maintain and protect it in a professional manner.” […]
How’s the security of your local city web site? Read More »
I won’t ramble on about the DNS vulnerability discovered by Dan Kaminsky this week…plenty of other blogs and news sites are covering it. Yes…it’s important, groundbreaking and all that jazz. However, if you want the real scoop especially if you need to convince your employer that this needs to be addressed quickly…then I point you
Wow…I’m really on this banking kick as of late… So I was watching TV tonight and saw a commercial for WaMu (Washington Mutual Bank) advertising their “Online Banking Guarantee“. What I found interesting was the whole scenario that played out in the commercial… Woman: “Hey, I’m using WaMu Online Banking…” Man: “Online Banking?? That’s not
What’s behind online banking guarantee’s? Read More »
Lots of buzz on the net about Blizzard (creators of World of Warcraft) offering a $6.50 two-factor authentication token for customers that want an extra layer of protection for their account. Yes, if you didn’t know account theft in WoW is on the rise! I commend Blizzard for taking this extra step to help protect
Blizzard offers two-factor authentication, why doesn’t your bank? Read More »
Last week GNUCITIZEN posted an article entitled “Tiger Team Operations vs. Penetration Testing”. I personally feel this is a spot on article and is a must read for anyone involved in either tiger team operations or penetration testing. The article focused on three areas in regards to these two types of assessments: quality, pricing and
The Evolution of Penetration Testing Read More »
Good post on Bloginfosec last week that talks about all the interesting security related sounds that go on in pretty much any environment just by listening. If you saw Johnny Long’s “No Tech Hacking” presentation then you will probably remember the line “What does a hacker see?” as Johnny pointed out items in pictures that
What does a hacker…hear? Read More »
Looks like GNUCITIZEN and Blogsecurity.net have joined forces to create a online WordPress security scanner. From GNUCITIZEN: “Blogsecurify was created to help individuals and organization to secure their blog infrastructures by testing them against a set of security tests. The project is still in alpha stage although I am quite happy with the actual framework
Blogsecurify: New WordPress Security Scanner Read More »
I am writing this blog post as part of the Black Hat Bloggers Network topic of interest #2. I guess you could say I am somewhat of a Black Hat n00b! This will only be the second time I have attended Black Hat in my security career. I have been to quite a few security
Why go to Black Hat? Read More »
This is a story that keeps getting more interesting… I have been closely following the news that I blogged about last week regarding 1st Source bank of Indiana that fell victim to a pretty serious security breach. 1st Source ended up reissuing their entire credit card portfolio to their customer base. The latest news is
FBI gets involved in the Indiana bank security breach Read More »
Via the Emergent Chaos blog… If you follow physical security and specifically the “Locksport” community you might be interested in the open letter by Peter Field (chief architect of Medeco products) stating that Medeco (a big high security lock manufacturer) is embracing the Locksport community. This is huge news considering that lock manufacturers in general
Medeco Embracing the Locksport Community Read More »
