If you’ve ever worked as a front-line security professional in any organization, at some point in time you’ve been asked what certification or standards compliance would guarantee security. Then, away from the office, you’ve probably directed countless friends and family members to protect themselves using some of the various anti-phishing toolbars like Netcraft, or those built into your antivirus suite.
As I mentioned just a couple days ago, there’s a bit of debate and confusion surrounding leak/loss prevention technologies and what the heck to call these things.
In a recent post at Security Ripcord, Cutaway says:
Let me elaborate on the second topic a little more. The days of hacking for fun are over. I think it is safe to say that nearly everybody has come to that realization (there may be a few holdouts in upper management but they will not last long). This means that the stakes are higher for the good guys and the bad guys.
No registration required anymore. If the trolls and spam get too bad I’ll have to turn it back on, but we’ll see how this goes… *[Email:]: Email *[Twitter:]: Twitter *[Phone:]: Phone
I’m still catching up on my blogroll, and caught this article over at Emergent Chaos, which also referenced this one by Thurston. Both articles discuss the infamous Ponemon study that claimed the average losses in a breach were $182 per record.
Read here, safe for work, but very disturbing.
Double entendre title fully intended. *[Email:]: Email *[Twitter:]: Twitter *[Phone:]: Phone
I’m getting caught up on my blog reading after my big APAC (that’s Asia Pacific) tour with a half-busted Mac, and noticed Tom’s post at Matasano on detecting unauthorized hypervisors. Tom and Nate have been going back and forth with Joanna Rutkowska on how detectable these things might be. For those of you less familiar with all this virtualization stuff, let’s review a little bit.
Hoff owned me. In an email he claimed he pwned me, but he totally didn’t earn that p.
Apparently I’m slightly late to the game in talking about hyperjackstacks (we’re back on virtualization, in case I lost you). That’s something I’m totally willing to concede, especially since I’m more of a data and applications guy.
Here I am, just off the bench after six months of watching from the sidelines, and when I’m still two feet away from the darn batter’s box Hoff lets loose with a hundred mile per hour fastball right at my head.
Got questions? Think I might know the answer? Just bored and need someone to pretend to be your friend?
All you have to do is look on the sidebar and click on the LiveChat link. If you’re running AIM, that will connect you to the account I’ve set up to support the site.