Viewing posts from January, 2009
brand-damage-stock-price-and-cockroaches
Posted by: admin 15 years, 7 months ago
Brand Damage versus Corporate CompetenceYesterday, Tim Erlin had an interesting and very thought provoking post about breach and brand damage.. Tim rightly takes offense at the idea of the infinite "brand damage" often used to sell information security products. With as little as infosec geeks know about marketing, it's probably best to avoid that phrase altogether. A "brand" is a nebulous idea at best and security probably does not matter at all in most brands. I think it is also hard to try to tie stock performance to brand value. There a lots of great stocks that sell commodity goods. If Exxon/Mobil had a security breach when oil was at $30/barrel, how would you measure the impact of the breach as oil goes to $60?
checkfree-breach
Posted by: admin 15 years, 7 months ago
Hackers on Tuesday hijacked the Web site CheckFree.com, one of the largest online bill payment companies, redirecting an unknown number of visitors to a Web address that tried to install malicious software on visitors' computers, the company said today.First, I find it very hard to believe that you would hijack the domain for one of the world's largest payment processor and only try to install malware.
choicepoint-stiock-drops-10-percent-in-one-day
Posted by: admin 15 years, 7 months ago
As we have discussed elsewhere in this Blog, there is value in protecting your information assets. We've talked about the impact of information security breaches on stock price. Well, Choicepoint provides a good case in point. This was not a “hacker” attack as labeled in the popular press (further moving the definition of that word from its original meaning), but rather a traditional scam that took advantage of a lax credentialling process (yes, Irony with a capital I) that apparently is fax-based.
citrix-and-security
Posted by: admin 15 years, 7 months ago
PDP has recently pointed out how easy it is to hack into poorly configured Citrix servers, which can easily be found via Google et al. He's also posted information on how to hack Citrix in a more forceful way. So, it is a good thing that we've posted documentation on how to protect Citrix with WiKID two-factor authentication. Also, yesterday, I posted a similar how-to document for protecting for GoToMyPC Corporate.
comment-on-the-t-mobile-attack
Posted by: admin 15 years, 7 months ago
I'm sure everyone (in security) has seen the article at Security Focus about the T-Mobile attack and probably some of the great commentary about it, especially here.
I only have one comment: Everyone write your bank, cellular company, credit card company, utility companies and tell them that you want strong authentication and you want it now.
Recent Posts
- Blast-RADIUS attack
- The latest WiKID version includes an SBOM
- WiKID 6 is released!
- Log4j CVE-2021-44228
- Questions about 2FA for AD admins
Archive
2024
2022
- December (1)
2021
2019
2018
2017
2016
2015
2014
- December (2)
- November (3)
- October (3)
- September (5)
- August (4)
- July (5)
- June (5)
- May (2)
- April (2)
- March (2)
- February (3)
- January (1)
2013
2012
- December (1)
- November (1)
- October (5)
- September (1)
- August (1)
- June (2)
- May (2)
- April (1)
- March (2)
- February (3)
- January (1)
2011
2010
- December (2)
- November (3)
- October (3)
- September (4)
- August (1)
- July (1)
- June (3)
- May (3)
- April (1)
- March (1)
- February (6)
- January (3)
2009
- December (4)
- November (1)
- October (3)
- September (3)
- August (2)
- July (5)
- June (6)
- May (8)
- April (7)
- March (6)
- February (4)
- January (427)
2008
- December (1)
Categories
- PCI-DSS (2)
- Two-factor authentication (3)
Tags
- wireless-cellular-mobile-devices (7)
- Two-factor authentication (10)
- Wireless, cellular, mobile devices (6)
- NPS (1)
- Phishing and Fraud (111)
- Active Directory (1)
- pam-radius (3)
- privileged access (2)
- Cloud Security (10)
- Mutual Authentication (60)
- Web Application Authentication (1)
- Authentication Attacks (99)
- pci (50)
- Security and Economics (97)
- WiKID (133)
- pam (2)
- VPN (1)
- Installation (2)
- RADIUS Server (1)
- Open Source (64)
- Tutorial (2)
- Strong Authentication (35)
- Information Security (137)
- Transaction Authentication (13)
- Miscellaneous (100)
- Linux (2)
- transaction-authentication (6)
- Two Factor Authentication (254)