Monthly Archives: September 2009


The State of Cybercrime

Posted on by Dr. Steven Brown

Jerry Dixon, a former executice with Homeland Security, US-CERT and the National Cyber Security Division (NCSD) discusses the state of cybercrime and some of the new threats that are faced — botnets, denial of service, fraud, etc. — are just … Continue reading

Posted in Current Topics, Security | | Leave a comment

Cloud Security: Proprietary vs Freeware DNS

Posted on by Mary Brown

Toby Wolpe, of ZDNet UK writes about the commercial use of open source software and its impact on security. He discusses a solution that he argues is more secure. Do you believe that the security profile of Nominum’s proprietary DNS … Continue reading

Posted in Current Topics | | Leave a comment

Mitigating Bots

Posted on by Mary Brown

There has long been speculation as to the number of computers on the Internet and whether they have been compromised in such a way as to make them available to a hacker.  The compromised computers, known as bots or zombies, … Continue reading

Posted in Current Topics, Security | | Leave a comment

Are We Addressing the Wrong Threats?

Posted on by Mary Brown

Riva Richmond reports on the latest SAN research which indicates that organizations are still focused on mitigating risks related to operating system threats while hackers are focused on application vulnerabilities for commonly used applications like Adobe and Office and are, … Continue reading

Posted in Current Topics, Security | | 2 Comments

Microsoft SMB fail 2.0

Posted on by Rodney Visser

Recently, another Windows os vulnerability has surfaced pointed at ports 139 and 445. It was initially released as a denial of service attack, but could also allow system level remote code execution. The strange thing about this particular exploit for … Continue reading

Posted in Current Topics, News, Security | | Leave a comment

Security Standards for Test Data

Posted on by Mary Brown

Kelly Jackson Higgins of DarkReading.com reports on a successful hack of an RBS WorldPay Systems database.  The database is reported as being a test database that does not include any live data.  This has created speculation as to the proper … Continue reading

Posted in Current Topics, Security | | Leave a comment

True Cybersecurity — or is Government Seizing the Ultimate Power? You Decide.

Posted on by Jimmy Arendt

What am I talking about? I am talking about Bill S.773 that is before the 111th Congress 1st Session – AKA Cybersecurity Act of 2009. This bill was introduced to the Senate by Senator Rockefeller, et al. dated March 31, 2009. According to the “Cybersecurity Act of 2009 as found on OpenCongress.org’s web site; this is “A bill to ensurethe continued free flow of commerce within the United States and with its global trading partners through secure cyber communications, to provide for the continued development and exploitation of the Internet and intranet communications for such purposes, to provide for the development of a cadre of information technology specialists to improve and maintain effective Cybersecurity defenses against disruption, and for other purposes. “ (opencongress.org, 2009). Continue reading

Posted in Current Topics, News, Security | | 5 Comments

Are you using WPA2 or AES for your wireless?

Posted on by Mary Brown

Ohigashi & Morii (2009) have published a research paper that increases the concern about the use of WPA encryption to protect data being transmitted via wireless networks. Wireless security is becoming a more pressing topic as mobile computing becomes more … Continue reading

Posted in Current Topics, Security | | Leave a comment

Botched security or conspiracy to taint forensics evidence through intentional tampering?

Posted on by Jimmy Arendt

On July 17, 2009, a lawsuit was filed on behalf of Andrea McNulty against Ben Roethlesberger a football quarterback, John Koster the Harrah’s Casino Northern Nevada President, Guy Hyder the Security Chief at Harrah’s Lake Tahoe, et al. (RGJ.com, 2009) This blog post will not address the main issues or complaints of the lawsuit. It will discuss the complaint of Invasion of Privacy, Trespass and Civil Conspiracy. Continue reading

Posted in Current Topics, Events, News, Security | | 2 Comments