The greatest challenge for today’s security infrastructure and methods of protection is advanced malware attacks.
Internet connections of Australian Senators are censored more heavily than most of their fellow citizens — even more than MPs in the House of Representatives — thanks to a heavy-handed security policy and the work of former Senator Steve Fielding.
Only 16 per cent of organisations that faced a breach in 2011 detected it prior to a notification by a third party, according to an analysis of investigations conducted last year by Trustwave's SpiderLabs security team.
The Australian Security Intelligence Organisation is “gradually ‘going dark’” on its telecommunications intercept capabilities, referring to the challenge law enforcement have intercepting peer-to-peer, web and Skype like communications.
The Internet Engineering Task Force is close to approving a specification for a common format for reporting e-crime, a step taken to allow security experts to react faster to cybercrime.
After posting 5 Free Ways to Track Online Leaks of Information, I received numerous requests asking how to identify the online source leaking the confidential company information. Here are some techniques a corporate investigator can use to identify anonymous users online.
In the middle of the 1800s, a few prospectors found gold in California. When word got out, the lure of instant wealth spurred hundreds of thousands to rush to the West. Farmers, city slickers, people with no particular training or skills, all flocked to California to pan for gold.
Video management software (VMS) allows you to record and view live video from multiple surveillance cameras--either IP-based or analog cameras with an encoder--monitor alarms, control cameras and retrieve recordings from an archive. Because they are IP-based, VMS systems are more expandable and flexible than DVR-based systems, and employees can control the software from anywhere on the network. Surveillance and security teams can use the software for live monitoring, as well as investigative and forensic purposes, using archived footage.
CCTV implementations face a lack of product standardization, a confusing bidding process, and a limiting market structure. Here is expert guidance on critical considerations about bandwidth, frame rate, image quality and more.
Network administrator Ed Ziots offers his recipe for a sane and solid patch management program.
Let us be perfectly clear: While Facebook has received a lot of criticism lately about its new privacy policies and Open Graph concept, which allows them to partner with other sites which will also have access to some Facebook user data, Facebook isn't explicitly keeping secrets from you. But some security professionals and users continually knock the site for what they say are less-than-clear explanations about where your data is going, and how secure the site really is.
There has been a long history of attacks on the Domain Name System ranging from brute-force denial-of-service attacks to targeted attacks requiring specialized software. In July 2008 a new DNS cache-poisoning attack was unveiled that is considered especially dangerous because it does not require substantial bandwidth or processor resources nor does it require sophisticated techniques.
There are a few highly publicised vulnerabilities at the moment which haven't completely been disclosed and which, it is claimed, could threaten the whole Internet as-we-know-it. Only, when the vulnerabilities are finally disclosed, it seems that the whole incident has been somewhat Chicken Little.
In 1999, the Massachusetts state fire marshal issued a cautionary advisory about a new security product: a surveillance camera designed to look like a smoke detector. "This action has created a great concern for us in the fire service," Stephen Coan said. "If this [security cameras as smoke detectors] becomes widely known, we feel that the lives of people will be placed in jeopardy. Out of fear of being watched and the loss of privacy, it is possible that people will begin to cover over smoke detectors, endangering their lives...." Marshal Coan was not alone in his concern: In 2004, New York officials forced local outlets to stop selling the device for many of the same reasons.
The proliferation and popularity of collaborative Web 2.0 sites – there are around 250,000 new registrations to Facebook everyday – has changed the threat landscape and the way businesses need to think about security. Each year, newer technologies and weapons are being unleashed to leave Web users surprised, annoyed and at greater risk.‘Whaling’ or ‘spear phishing’, is one such threat and refers to phishing scams which specifically target high-worth individuals.
Sign up now »
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.