SEARCH RESULTS
 
Showing 1-10 of 204 records
 
Expand article

Massive SQL Injection Attacks - the Chinese Way

The Article has images
2008-10-21 16:18:48 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...significant site of the wrong mode of access to a comprehensive code optimization and more accurate access to the content, accuracy and access to show progress added, "VBS upload to download", "upload directory Web site viewer," "FTP upload to download configuration file" function to make it more convenient for the sa rights to use the site ...
 
Tags: keyword detection, detection, database, database solution, solution, process, upload process, text, load solution
 
 
 
 
Expand article

Communicating about risk - part 1

The Article has images
2008-05-05 18:12:14 by JonesJ in RiskAnalys.is
...significant When these conditions exist, the low loss event frequency is driven solely by the low threat event frequency. In other words, were not actively managing loss event frequency; were just trusting to luck. If threat event frequency changes (or an event occurs at all), then significant impact will likely occur. An example might be an...
 
Tags: risk, effective, cost-effective risk management, fragile condition exists, condition, unstable condition, risk qualifiers, risk condition, risk chart perspective
 
 
 
 
Expand article

CollegeInvest external hard drive goes missing

The Article has images
2008-04-30 14:10:46 by Evan Francen in The Breach Blog
...significant technical expertise and specialized software tools Evan] We have read statements like this before. Who is to judge The company has not received any calls from clients saying their identities have been stolen The lost data were stored on an external hard drive used to back up files CollegeInvest discovered the drive was missing...
 
Tags: external hard drive, drive, hard drive, college savings, college savings program, computer hard drive, data, lost data, loan
 
 
 
 
Expand article

Verizon Business has a new report on data breaches

2008-06-12 20:21:39 by Chris Wysopal in Zero in a bit
 
...significant computer security failures. While it is interesting to see counts of malware infected computers from Symantec and vulnerability counts from CVE, this report gets to the actual attacks that organizations need to prevent with their security programs Digging into the full report they say that 59% of the breaches involve hacking. Of...
 
Tags: data breaches, breaches, attacks, layer attacks, vulnerability counts, vulnerability, report, exploit unknown vulnerability, actual attacks
 
 
 
 
Expand article

CLOUD COMPUTING - STORMY WEATHER?

2008-10-27 15:46:17 by Alex in RiskAnalys.is
 
...significant amounts of piercing, transparent visibility. And in order to gain that visibility, our insight into Cloud Risk Management must include significant provisions for understanding a joint ability to Prevent/Detect/Respond as well as provisions for managing the risk that one of the participants wont provide that visibility or ability...
 
Tags: risk management innovation, management, cloud, risk, glba risk, glba, reduce risk, risk reduction, toxic cloud
 
 
 
 
Expand article

Logging Poll #5 "Top Logging Challenges" Analysis

The Article has images
2008-02-08 11:06:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
...significant. Still, we can draw some fun conclusions from the data First, what are the top challenges? It is with great regret :-) that I report that the #1 challenge is exactly the one I thought it would be: We collect logs but don't have time/resources to look at them. Yes, automated "analysis challenge" has only become more of a challenge...
 
Tags: enable log collection, log, log management, log analysis tools, collect logs, logs, log security, poll, log volume
 
 
 
 
Expand article

NAC - virtually impossible?

2008-03-18 08:48:40 by HASH0x8b66dc0 in StillSecure, After All These Years
 
...significant problems that virtualization poses for NAC. While there has been a bit of the sky is falling over this, the fact is that today virtual environments are being seen more in server and data centers than on desktops and endpoints. However, make no mistake about it, virtualization is coming to a desktop near you! How is your NAC going...
 
Tags: nac, nac appliance, nac solution, server, virtualization, virtualization poses, virtual machine, virtual machine vendors, physical server
 
 
 
 
Expand article

University of California Irvine students are hit with mysterious breach

The Article has images
2008-04-10 12:14:10 by Evan Francen in The Breach Blog
...significant number of identity theft crimes occurring nationwide, and it is possible that UC Irvine is the victim of one of those criminal enterprises the universitys financial aid office is arranging emergency loans in appropriate amounts for current students who face financial hardship by the delay in receiving their income tax refund...
 
Tags: irvine, irvine police department, police, students, contact campus police, credit agencies, credit, irvine police, medical students
 
 
 
 
Expand article

A Critical Time for Critical Infrastructure: Some Utilities Step Up

2008-03-17 18:07:36 by Posted By: Earl Perkins, Research VP in IT Leaders - Security and Risk Management
 
...significant market with significant vendors, concerns about project scope, business requirements and technology standards, particularly in security, worry some. Concerned utilities have taken a leadership role in those standards efforts, and not just in technology standards. Key processes for developing an AMI program, documenting an...
 
Tags: critical infrastructure, critical, critical infrastructure protection, ami security requirements, ami security, critical infrastructure services, ami, infrastructure, ami-sec
 
 
 
 
Expand article

What Are You Managing Towards? (And On Disproving Risk Management)

The Article has images
2008-06-03 14:41:11 by Alex in RiskAnalys.is