Archive for the ‘Security’ Category

Expand URL

The popularity of short URL services, like tinyurl.com and bit.ly, has grown due to the character limits of Twitter. These services pose a security risk because they could be used to conceal the addresses of malicious sites. Users are being taught to trust all URLs and just blindly click. Sites like Twitter should offer users the [...]

Dead Relative Left Me Millions

I got an email today from an advantageous spammer. Apparently, I have $11.5 million dollars coming to me. I found it interesting that this email had a disclaimer at the bottom. These guys are getting creative. At first glance the email looked very official. These guys must make a good amount of money off the [...]

The CISSP is not a technical certificate…

Here is a great article written by Martin McKeay; check it out…
Repeat after me, “The CISSP is not a technical certificate, it’s a management certificate”
I’ve held my CISSP for coming on 5 years now.  I earned my CCNA around the same time, though I’ve let it lapse.  Last year I received the SANS GIAC Systems [...]

Structured Query Language – SQL Injection

A major attack vector web programmers sometimes forget about is input cleansing. If user inputs are not cleansed prior to submitting the data to the SQL server, attackers can submit malicious code to the server. This code can make the server return more data than it should or allow the attacker to delete entire databases.
SQL [...]

Security Hole

The other week I found a major security hole in one of the systems at work. I notified my manager, who then notified the correct people. I am waiting to see if this issue gets resolved. So far I have not seen any progress towards closing the hole. Lack of motivation to patch security holes seems [...]

How to Create a Security Team for $4.95, Plus Tax – Security Catalyst

Fun Article from the Security Catalyst. Full Article Here.
In addition to getting to break things in order to help our customers prevent assorted miscreants from doing so, one of the many hats I wear at QuietMove is the amorphous responsibility of ‘business development.’ In English, that means I identify organizations that could benefit from our [...]

How To Not Catch Terrorist – Bruce Schneier

Great article by Bruce Schneier titled How To Not Catch Terrorist.
Click here for the article.
“Data mining for terrorists: It’s an idea that just won’t die. But it won’t find any terrorists, it puts us at greater risk of crimes like identity theft, and it gives the police far too much power in a free society.
The [...]

Principle of Least Privilege

The Principle of Least Privilege, simply put, requires that in a computing system every process, user, and program must be able to access only the information and resources that are necessary to its job duty. The principle of least privilege was first introduced in the mid 1970’s. The book “Fault Tolerant Operating Systems” by Peter J. [...]

IE Chart

Here is a great chart that shows the Internet Explorer vulnerabilities in 2006. Whether you are an IE hater or a lover, this is a very interesting chart. Check it out.
http://www.washingtonpost.com/wp-srv/technology/daily/graphics/index20070104.html

Secure Passwords

These two comics are a very good example of how people do not pick very good passwords.

Thank you Dilbert.com
