Security Wire Weekly

Squad: Tokenization, Phishing and the Feds

SearchSecurity.com Staff — Sat, 31 Oct 2009 12:29:08 +0000

SearchSecurity editors discuss the importance of Microsoft’s record breaking number of October vulnerabilities, the federal government’s plan to hire 1,000 cybersecurity pros, the FBI’s crackdown on a massive phishing ring and the latest payment industry tokenization plans.

Silon Trojan strikes Internet Explorer users

SearchSecurity.com Staff — Wed, 28 Oct 2009 19:10:54 +0000

Amit Klein, CTO of Trusteer Inc. on a new two-headed Trojan striking Inernet Explorer users to steal login credentials.

Heartland CIO on PCI, E3 project

SearchSecurity.com Staff — Thu, 22 Oct 2009 14:08:09 +0000

Heartland Payment Systems CIO Steve Elefant talks about the processor’s new E3 security processes, end-to-end encryption, deployment and adoption issues.

Nuke and pave to eradicate botnets

SearchSecurity.com Staff — Wed, 14 Oct 2009 20:55:00 +0000

Security researcher Gunter Ollmann of Damballa discusses the scourge of dangerous enterprise botnets and why the only method to eradicate them is by a method he calls “nuke and pave.”

Exploring encryption, DLP

SearchSecurity.com Staff — Wed, 07 Oct 2009 20:51:18 +0000

Richard Jacobs, chief technology officer of Sophos on encryption for compliance, DLP and the case for involving end users in security decisions.

Threat Monitor: An enterprise strategy for Web application security threats

SearchSecurity.com Staff — Thu, 01 Oct 2009 19:08:35 +0000

People Security founder Hugh Thompson reviews the tools and tactics, from routine assessments to Web application firewalls, that are essential to an application security strategy,

Digital forensics, breach incident response

SearchSecurity.com Staff — Thu, 24 Sep 2009 13:23:50 +0000

Jim Jaeger, a retired Air Force brigadier general who heads the digital forensics operation at defense industry giant General Dynamics, explains best practices around data breach response and digital forensics.

Privacy gone awry

SearchSecurity.com Staff — Tue, 22 Sep 2009 16:21:14 +0000

SearchSecurity editors discuss Internet privacy issues, the Apache disclosure, VMworld and Apple security.

SANS Top Cybersecurity Risks

SearchSecurity.com Staff — Thu, 17 Sep 2009 12:27:38 +0000

Experts discuss the findings of the SANS Institute 2009 Top Cyber Risks Report. The SANS report, The Top Cyber Security Risks found that IT security professionals are failing to adequately address client-side application flaws and website vulnerabilities. Meanwhile, cybercriminals are using spear phishing attacks and automated SQL injection attacks to infect employee machines and ultimately gain access to company networks.

DNSSEC – Challenges and pitfalls

SearchSecurity.com Staff — Thu, 10 Sep 2009 18:32:07 +0000

Security experts and officials involved in DNSSEC implementations share their successes and the challenges they face.

Program notes: DNSSEC deployments gain momentum since Kaminsky DNS bug

Kaminsky interview: DNSSEC addresses cross-organizational trust and security