RealclearTechnology has an interesting article (the 4 headings below is my synthesis of the article) It is based out of the Cisco projections (linked in article).…
Since we advocate testing your IT services and devices, what if your organization has cloud services? How about Amazon EC2? AWS compliance keep this in mind.…
NIST has a computer Security division and they have revamped their The On-line Database: Access and Control policy and procedures There are many good areas to review…
KrebsonSecurity has the story (a good security blog) a 24 year old Viet-Nam (Ngo) national helped create a situation where data from Experian was sold…
As noted by us-cert.gov there are many methods of taking advantage of SQL injection opening in a website. The real problem is when companies don’t admit…
NVD or at the http://nvd.nist.gov/home.cfm NIST is the National Institute of Standards and Technology. NVD contains: 62145 CVE Vulnerabilities 231 Checklists 248 US-CERT Alerts…
Yes Drupal version 7.x – 3.5 now has a remote command injection vulnerability. Packetstormsecurity has a page on it. patch to the latest software (May 3rd…
Have you checked wifi signals as to their effectiveness? Is your wifi router/ access point using good encryption technology? Wardriving: Peter Shipley coined the term “wardriving”…
Here are the CVE vulnerablities for April 2014 so far. CVE (Common Vulnerabilities and Exposure) vulnerability data are taken from National Vulnerability Database (NVD) xml feeds provided…
CVEdetails has a list of all CVE’s This is a vulnerability that is part of the infrastructure of the Internet webservers (Apache specifically) But specifically this…