Viewing posts from January, 2009
more-on-npv-and-aale
Posted by: admin 16 years ago
I had some requests for clarifications on my previous post about AALE and NPV. Hopefully this will clear up the issues.more-on-sun-free-advice-for-jonathon
Posted by: admin 16 years ago
I read the NY Times article on Jonathon Schwartz take-over at Sun. My concern is that Sun is going to the consumer market for an iPod-esque homerun product.
Mr. Schwartz contends that Java is the No. 1 driver of growth at Sun, ahead of Solaris, its operating system for corporate computers. "More teenagers recognize Java than they do Microsoft, because that is what they have in their pocket on their cellphone," he said in an interview on Tuesday. "Shame on me if I can't find a way to monetize that."
logins-for-ftp-sites-offered-for-sale
Posted by: admin 16 years ago
According to Techworld, Finjan has discovered that logins for 8,700 FTP servers are for sale.
Using the Alexa.com domain ranking, Finjan found 10 of the top 100 domains in the database, 100 of the top 500 domains, and 50 of those between 500 and 1,000.My reaction: FTP? Really? You've got to at least hope that it's SFTP.
The hacked servers could be used to distribute crimeware by injecting iframe tags into any webpage stored on the compromised FTP servers. Indeed the server accounts were themselves being traded by a web application able to rank and price them according to their Google page rank for re-sale to other criminals.Fancy.
incentive-plan-for-an-information-security-team
Posted by: admin 16 years ago
It has occurred to me that you could develop an interesting incentive program for an information security team, assuming that you believe a couple of data points (or can come up with your own) and your primary concern is a data breach. In my opinion, security people are all too often incented only to maintain security - not to optimize the investment in security. Interests need to be aligned.
i-for-one-welcome-our-ceylon-overlords
Posted by: admin 16 years ago
From the Register:
A US defence department advisory board has warned of the danger that American war robots scheduled for delivery within a decade might be riddled with malicious code. The kill machines will use software largely written overseas, and it is feared that sinister forces might meddle with it in production, thus gaining control of the future mechanoid military.
Recent Posts
- Blast-RADIUS attack
- The latest WiKID version includes an SBOM
- WiKID 6 is released!
- Log4j CVE-2021-44228
- Questions about 2FA for AD admins
Archive
2024
2022
- December (1)
2021
2019
2018
2017
2016
2015
2014
- December (2)
- November (3)
- October (3)
- September (5)
- August (4)
- July (5)
- June (5)
- May (2)
- April (2)
- March (2)
- February (3)
- January (1)
2013
2012
- December (1)
- November (1)
- October (5)
- September (1)
- August (1)
- June (2)
- May (2)
- April (1)
- March (2)
- February (3)
- January (1)
2011
2010
- December (2)
- November (3)
- October (3)
- September (4)
- August (1)
- July (1)
- June (3)
- May (3)
- April (1)
- March (1)
- February (6)
- January (3)
2009
- December (4)
- November (1)
- October (3)
- September (3)
- August (2)
- July (5)
- June (6)
- May (8)
- April (7)
- March (6)
- February (4)
- January (427)
2008
- December (1)
Categories
- PCI-DSS (2)
- Two-factor authentication (3)
Tags
- wireless-cellular-mobile-devices (7)
- Two-factor authentication (10)
- Wireless, cellular, mobile devices (6)
- NPS (1)
- Phishing and Fraud (111)
- Active Directory (1)
- pam-radius (3)
- privileged access (2)
- Cloud Security (10)
- Mutual Authentication (60)
- Web Application Authentication (1)
- Authentication Attacks (99)
- pci (50)
- Security and Economics (97)
- WiKID (133)
- pam (2)
- VPN (1)
- Installation (2)
- RADIUS Server (1)
- Open Source (64)
- Tutorial (2)
- Strong Authentication (35)
- Information Security (137)
- Transaction Authentication (13)
- Miscellaneous (100)
- Linux (2)
- transaction-authentication (6)
- Two Factor Authentication (254)