Sister CISA CISSP:

August, 2009

August 30, 2009  12:46 AM

Securing ALL Your Web Services

Arian Eigen Heald

A number of commentators, notably IBM's Kris Lamb, have reported that malicious code is no longer limited, for the most part, to p0rn and other sleazy websites. Hackers are targeting the...

August 28, 2009  2:02 PM

Small Business is Being Targeted

Arian Eigen Heald

The days when you could assume that because your company was so small hackers wouldn't care have officially gone past. Security by obscurity has passed as well. Now the thieves are looking for small businesses so they can get to the banking accounts and wire money. I was called on...


August 26, 2009  3:18 PM

Check out this Article on Wireless

Arian Eigen Heald

I don't usually promote other articles - it's kind of "cheating," but short of copying and pasting the entire article, I've got to send you in the direction of Lisa Philfer's article on


August 24, 2009  6:31 PM

By the Numbers

Arian Eigen Heald

I was reading through the list of 2009 reported data breaches/identity theft/etc. over on Identitytheft.Info and pondering the patterns that might be visible with a little help from sorting/filtering in Excel. Part of the problem is that...


August 20, 2009  3:42 PM

Points to Ponder: Reviewing the “SoupNazi” Activities

Arian Eigen Heald

By now I'm sure you've heard that Albert Gonzalez is being charged with the attacks on Hannaford, Heartland, 7-Eleven, etc. In between all the excited reporting are some points that admins and auditors ought to pay attention to. We ought to ponder how this attack is different from attacks in the...


August 17, 2009  7:20 PM

Blaming the Auditor for Bad Security

Arian Eigen Heald

Heartland Security has attempted to point the "Public Finger of Blame" at the hapless QSA auditor they used for PCI compliance, saying that the "QSA let us down." So who is in charge of security, Heartland or the auditor? Security is a corporate posture, not a pass/fail compliance test. You can...


August 10, 2009  12:54 PM

Which One is More Clueless? I Can’t Decide

Arian Eigen Heald

I ran across a story about a former employee who "broke into" his employer's computers, according to a news story from a TV station, entitled Cops: Former Worker Hacked Casino Computers. Now, here's the...


August 7, 2009  3:47 PM

Things NOT to Do When You’ve Been Hacked, Part II

Arian Eigen Heald

I finally asked that deadly question: "What do your Incident Response Procedures say?" Whoops, there goes all the buddy-buddy geekiness: I have morphed into The Auditor Who Asks Questions. "Umm, well, they pretty much say to do what we just did." I notice the vagueness of the reply,...

