Sister CISA CISSP:

information security


January 1, 2010  1:47 AM

Better Late Than Never…..



Posted by: Arian Eigen Heald
ACH Fraud, Banking Fraud, Data Breaches, data security, information security, Tearing My Hair Out

The Federal authorities and the American Banking Association have issued an alert to small and medium-sized businesses to use a dedicated PC for banking. "The alert advises businesses to dedicate a single computer for online banking activity that is never used for reading e-mail or surfing...

December 29, 2009  7:58 PM

Just in Time for the Holidays…..



Posted by: Arian Eigen Heald
Automatic Theft Machines, cloud computing, Cloud Security, information security, SQL Injection, Start Laughing Now, TCM (Truly Clueless Management)

There are a bunch of year-end studies coming out, predicting various sorts of rises and decreases in criminal activity on the Internet. ("cybercriminal" sounds way too glamorous for me.) So I thought I'd offer up, in the spirit of the season, my two cents: Under the Category of Bad...


December 15, 2009  2:41 AM

iFrame Attack is Growing Very Fast



Posted by: Arian Eigen Heald
Add new tag, information security, SQL Injection, Web Security

According to Dark Reading, and the original article from a security researcher from ScanSafe, an attack that started in November using SQL...


December 8, 2009  8:21 PM

“Social Media” and Business



Posted by: Arian Eigen Heald
etc, information security, information security policy, TCM (Truly Clueless Management), Twitter

My sister-in-law asked me yesterday about getting her company on Twitter and other social media sites like Facebook. She said that they would need to disable blocking functions in the office firewall to make it work. She also said that their IT department was very much against the idea, and she...


November 13, 2009  9:49 PM

You Can’t Outsource Reputation



Posted by: Arian Eigen Heald
Data Breaches, data security, information security, TCM (Truly Clueless Management)

Reviewing yet another data breach in the news, I was struck by the phraseology of the news report. Specifically, the article on MassMutual brought a point to mind that I keep using with companies and...


November 10, 2009  6:06 PM

Things You Can Do To Help An Investigation, Part II



Posted by: Arian Eigen Heald
Data Breaches, Digital Forensics, Incident Response, information security

In a previous column, I talked about the importance of locking up a computer and not continuing to use it after it has been compromised, or the fraudster was fired. This works in a lot...


November 5, 2009  4:52 PM

A Not-So-Great Use of Cloud Computing



Posted by: Arian Eigen Heald
cloud computing, Cloud Security, Data Breaches, Data Center, data security, information security

As I'm sure you know, I'm not yet a big fan of "cloud computing," known by various acronyms. I have yet to see a really comprehensive approach to audit and security. Ultimately, you don't know where your data is in the "cloud." And the Feds have access to it without a warrant. So you...


October 30, 2009  12:53 AM

When a “Fix” is Not a Fix – The Fix is In



Posted by: Arian Eigen Heald
Data Breaches, Hardware & InfoSec, information security, Stupid Technology, TCM (Truly Clueless Management), Tearing My Hair Out, Wireless

In my previous post, I discussed the Time Warner/SMC modem's enormous security flaw. Lo and behold, I am visited and left a comment by "Adam Wood" defending SMC,...


October 21, 2009  6:52 PM

Using Time-Warner as Your Internet Provider? Check Your Modem QUICKLY



Posted by: Arian Eigen Heald
Data Breaches, data security, information security, Stupid Technology, Tearing My Hair Out, Wireless

As of 10/20/09, a software maven has written of a major security hole (one you can drive a TRUCK through) in the wifi/cable modem models issued to customers who don't want to use their own equipment. Here's the link, in all its details, by David Chen,...


October 15, 2009  5:07 PM

End-To-End Encryption - Wouldn’t It Be Nice?



Posted by: Arian Eigen Heald
Data Breaches, data security, information security, PCI

Since Heartland suffered a data breach (disclosed in January), they've become the poster child for end-to-end encryption. This is defined as encrypting card information from the moment it's swiped until it reaches the card issuer. Of course, there may be some motivation provided by the fact that...