Blog Posts Tagged with "Monitoring"

9f19bdb2d175ba86949c352b0cb85572

Incident Response and Risk Management Go Hand in Hand

February 12, 2012 Added by:Neira Jones

Residual risk is inevitable, so incident response becomes a crucial part of managing it. As the risk assessment identifies the assets critical to a business - threats, vulnerabilities and controls - so should the incident response plan concentrate on critical assets...

Comments  (2)

39728eff8ac87a48cfb050f0df29ceaa

Who Will Watch the Watchers?

February 05, 2012 Added by:John Linkous

We have entered a new era of cybersecurity, one where the objective is not to protect against a breach - the majority of large organizations are no longer able to - instead we need to be able to detect them and mitigate the damage done by them...

Comments  (0)

58bc13ef5da5ac4fc32d41c3fbc0e460

Managing Employee's Expectation of Privacy

February 02, 2012 Added by:Suzanne Widup

FDA whistleblowers allege their emails were monitored once they told Congress the agency was approving risky medical devices, violating their Constitutional rights. The FDA said that employees are warned they may be monitored, and should not have an expectation of privacy...

Comments  (1)

A7290c5bd7bc2aaa7ea2b6c957ef639b

Legal Implications of Social Networking Part 3: Data Security

January 31, 2012 Added by:David Navetta

Technology exists for monitoring and tracking of social media usage by employees. Ultimately however, like social media itself, it comes down to people - risk can only be addressed appropriately if the individuals using social media are equipped to identify and mitigate against it...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

NIST Draft Guidance for Monitoring IT System Security

January 26, 2012 Added by:Headlines

Three new draft reports published by the NIST are designed to help both public and private organizations improve the security of their information management systems by developing capabilities for continuous monitoring of security...

Comments  (0)

A88973e7d0943d295c99820ab9aeed27

VoIP: The Danger of Open Ports

January 25, 2012 Added by:Simon Heron

The Sipera UC-Sec 100 device is designed to withstand such attacks but many IP-PBX’s are not. If these attacks had been launched against an undefended and vulnerable system, it would have been possible for the hacker to register as an authorized user of the system...

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Snort and SCADA Protocol Checks

January 25, 2012 Added by:Brent Huston

There are a wide variety of open source tools that can be leveraged around Snort, making it a powerful approach to visibility. Having people in the industry who know how the systems Snort work allows for better development of signatures for nefarious issues...

Comments  (0)

7ddc1f3000a13e4dfec28074e9e7b658

Concerns About the New AOL Instant Messenger

January 25, 2012 Added by:Electronic Frontier Foundation

The new preview version of AOL Instant Messenger raised concerns for us when it was first introduced, first because it started storing more logs of communications and second, because it apparently scanned all private IMs for URLs and pre-fetched any URLs found in them...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

E-Meme: The Next Generation of Thought Crime Detection?

January 25, 2012 Added by:Infosec Island Admin

An Orwellian software development project that the Navy has invested in called “E-MEME” will be able to sift through the internet for ideas and meme’s to analyze them for predictive behavior assessment. Predictive behavioral analysis via meme’s... Whatever could go wrong?

Comments  (6)

7ddc1f3000a13e4dfec28074e9e7b658

Mandatory Data Retention, Smart Meter Hacks and Silent SMS

January 23, 2012 Added by:Electronic Frontier Foundation

Silent SMS delivers a text message without the user being aware, but leads to the creation of a log with the cell phone company that reveals what cell phone towers the phone was closest to, revealing the phone’s location to help with tracking...

Comments  (1)

44fa7dab2a22dc03b6a1de4a35b7834a

Popular Dedicated Linux Distributions and Tools

January 17, 2012 Added by:Bill Gerneglia

There are Linux distributions dedicated to multimedia editing, monitoring, security testing, and basic system administration. Here are some specialized open source Linux distributions that can be used by the IT admins to perform their job with some free sophisticated tools...

Comments  (1)

39728eff8ac87a48cfb050f0df29ceaa

Effective SIEM: Less Turtle - More Awareness

January 12, 2012 Added by:John Linkous

SIEM tools are highly focused on events. Even in cases where a SIEM can look outside of the world of events at one or two other pieces of data - say, at network traffic - that’s still woefully inadequate. We certainly need events and network traffic data...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

Rim, Nokia and Apple Providing Government Back Doors

January 09, 2012 Added by:Plagiarist Paganini

Some Indian Military internal documents were found that refer to a surveillance project called RINOA SUR, which stands for RIM, Nokia and Apple. The project is related to a platform used to spy on the USCC - the US-China Economic and Security Review Commission...

Comments  (9)

A7290c5bd7bc2aaa7ea2b6c957ef639b

FTC Takes on Super Cookies

December 06, 2011 Added by:David Navetta

The FTC is an increasingly nimble enforcer, with ever shorter news story-to-enforcement action cycles. This approach is consistent with the FTC's stated commitment to take enforcement actions in the areas where the agency believes there is significant non-compliance...

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

Controls Have to be Executed Perfectly Every Day

December 04, 2011 Added by:PCI Guru

Security is not perfect, and controls have to be executed perfectly every day, every year - else that is where things always go awry. If you execute controls consistently, your organization should be very difficult to compromise and the bad guys will find an easier target...

Comments  (0)

F1161c69043d967cbd5b2a0fb8d0f6d4

ACL Complexity and Unknown Vulnerabilities

November 21, 2011 Added by:Brett Scott

If the only way to tell if the ACLs are properly configured is to use another detection mechanism that is capable of identifying improper traffic and nobody had anything like that on their networks, then how many networks are completely vulnerable and do not know it?

Comments  (1)

Page « < 2 - 3 - 4 - 5 - 6 > »