SEARCH RESULTS
 
Showing 1-10 of 80 records
 
Expand article

Zeus Crimeware as a Service Going Mainstream

The Article has images
2008-12-04 07:34:50 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...fairly logical to assume that they can therefore charge as much as they want for offering on demand access to them, thereby undercutting the prices offered by the experienced market participants. IP theft in the underground marketplace equals a volume sales driven cash cow that messes up the basics of demand and supply that the experienced...
 
Tags: crimeware, crimeware kit, zeus, zeus crimeware kit, zeus crimeware, zeus trojan, zeus trojan features, service, spam campaigns
 
 
 
 
Expand article

Process Doubling

2008-01-27 22:44:57 by RSnake in ha.ckers.org web application security lab
 
...fairly common occurrence during an audit (given there are logistical reasons that make many common techniques off limits). It was mission accomplished for showing the vulnerabilities in the client. However, I started thinking about the firewall egress filtering, or lack thereof. Granted, creating a reverse shell is fairly straight forward,...
 
Tags: web server, fairly complex set, set, fairly straight forward, egress, fairly easy, fairly common occurrence, easy, firewall egress
 
 
 
 
Expand article

Security Consultant Hacks: Size Matters

2007-12-20 05:16:07 by Bill in Grumpy Security Guy
 
...fairly niche focused, maybe they specialize in Web Application Security , secure development, or PCI audits Advantages : If you are using them in an engagement that is their speciality you are going to get a lot of bang for your buck. Prices are generally in line with normally hourly rates but try to get them to make a fixed cost bid. Most of...
 
Tags: security consultant, security consultant hacks, security, web application security, security consultants, consultants, grumpy security guy, medium shops, employ
 
 
 
 
Expand article

What is 802.1X? Here's a Technology Primer for You

2008-04-02 03:10:42 by JJ in Security Uncorked
 
...fairly flexible solution- possibly without having to purchase any additional equipment or software And what about NAC? If youre wondering how 802.1X and NAC fit together, its pretty simple. Most of todays network-based NAC solutions can work in conjunction with 802.1X to provide a robust solution with Layer 2 and up protection. Other NAC...
 
Tags: edge port, edge, edge ports, network access control, network access, wireless standard, standard, standard network traffic, network
 
 
 
 
Expand article

NISTS FISMA Pase IIWho Certifies Those who Certify the Certifiers?

2008-06-17 21:22:09 by rybolov in The Guerilla CISO
 
...fairly large advisory panel have put together about certification of C&A service providers. Ive heard about this for several years now, and its been fairly much on a hiatus since 2006, but its starting to get some eartime lately The interesting thing to me is the big question of certifying companies v/s individuals. I think the endgame will...
 
Tags: services, boutique services, risk, risk-avoidance cultures, accreditation services, company-level certification, security risk, certification, certification program
 
 
 
 
Expand article

Misconceptions about outsourcing security

2007-12-13 14:05:54 by Khalid Kark in Security & Risk Management
 
...fairly long period of time that can sometimes be compressed, but usually with increased risk. Prepare yourself and your teams for the long haul by connecting first to the business strategies of the firm and building from there. It is appropriate to plan for some quick wins but it takes time for the outsourcing relationship to mature....
 
Tags: security processes, establish security processes, security, processes, security controls, security managers cost, cost, security operations, security services
 
 
 
 
Expand article

Cisco Acquires Securent - moving policy decisions to the network layer

2007-11-01 09:12:16 by Andras Cser in Security & Risk Management
 
...fairly different and highlights the following trends: 1) Entitlement Management is needed so much by the market that Cisco even though it has not traditionally been a player in the IAM space enters the market first with an Entitlement Management product. It is surprising, as only CA has an EM product today all other IAM vendors are still...
 
Tags: iam, iam vendors, network, entitlement management product, iam market, product, entitlement management, network operations, operations
 
 
 
 
Expand article

NASDAQ Symbology Change

2007-12-14 03:18:47 by RSnake in ha.ckers.org web application security lab
 
...fairly small subset of possible combinations. The symbology change was designed to allow greater flexibility in the future of the naming conventions (think about it being like the difference between IPv4 and IPv6 in the stock market). Click here to read more details That would probably be all fine and dandy except some of the characters...
 
Tags: symbology, symbology change, characters, legal characters, special characters, nasdaq, ticker symbols, stock market, millions
 
 
 
 
Expand article

Antivirus software -- who needs it?

2007-09-23 04:14:44 by Steve Riley in Steve Riley on Security
 
...fairly confident in calling myself an expert. I don't run anti-malware on any of my own computers. Why not? It's simple: I know what to click and what to skip, what to visit and what to avoid. I have control over what I choose to open, what I choose to load, and what I choose to run. And yeah, before the question arises, every four months or...
 
Tags: curious question, question, question arises, choose, malware, experts, security experts, anti-malware, anti-virus software
 
 
 
 
Expand article

Encryption Presentation - .NET Developers Group - NYC Microsoft Offices - June 21st

2007-04-02 06:46:00 by Eric Marvets in The Security Samurai