Exploiting the exploitable: New software vulnerabilities down, but risk remains high, Secunia reports

“If the Rebels have obtained a complete technical reading of this station, it is possible, however unlikely, they might find a weakness and exploit it.” The geek in me couldn’t resist the Star Wars quote to kick off a post on software vulnerabilities and exploits. If the Empire had designed the Death Star the way most software...

A peek into the underground economy and the market for stolen credit cards

There’s a great article from Bloomberg (Stolen credit cards for $3.50 online) in which author Michael Riley explores the depths of the underground market for stolen credit card data. Reading this is enough to make you want to stuff all your money in a mattress for safekeeping. By some estimates, the underground digital economy has now...

Firewall audit tools automate the impossible; AlgoSec adds next generation firewall support

The growing firewall audit market is rapidly adjusting to the phenomenon of next generation firewalls (NGFW), which introduce the context of highly granular application and user ID controls and additional complexity to an already complex and difficult network firewall environment. AlgoSec, one of a handful of firewall audit vendors, has added...

Translating IT risk to business risk: Symantec adds Risk Manager to IT GRC suite

IT governance, risk and compliance (GRC) is a challenge to every large organization struggling with the complexity of IT policies and controls and communicating IT risk to management in terms of actual risk to the business. The IT GRC market has appeared and grown in recent years as enterprises try to manage this almost unmanageable task across...

DDoS in defense of (insert cause) is still criminal

Are hacktivists protesters or criminals? The question is not a matter of semantics; it has real bearing on how we respond, not as members of the security community, who are responsible for protecting IT information and services against attack, but as a society, particularly in the realm of criminal prosecution. My take is that...
