Widely used data security solutions have been found useless against several methods of data theft, according to tests conducted by a data security Innersafe Corporation. Types of data exposed included those useful for fraud, identity theft, phishing, or spamming. And, like tampered votes in certain electronic voting machines, data theft can remain undetected after it happens.
Something -- maybe a lot of things -- is wrong with how America conducts its elections. As you might have heard, there were a few problems down in Florida back in 2000, and more recently in the Maryland primary. No doubt, voting and vote-counting can be messy, complicated and subject to potentially outcome-shifting flaws. With that as backdrop and five days before Election Day, HBO weighs in tonight with "Hacking Democracy," a somewhat torpid documentary that is itself complicated, flawed and messy.
A new page, quietly added to Google's corporate Web site last month, gives information on the security and safety of the company's Web properties. It also includes a list of people and organizations that Google wishes to thank for reporting security vulnerabilities to it. That's a first among major Web companies, security researchers say. "We want to thank those people for doing the right thing. I wanted to make sure we gave them lots of public 'geek cred,'" Douglas Merrill, vice president of engineering at Google, said in an interview. "The security researchers I know are partially in it for the geek credibility of it--the 'Hey! Look what I did. I am cool.'"
Source: Net-Security.org - LogError - Posted by Administrator
PGP Corporation, Vontu and The Ponemon Institute released the 2006 Annual Study: Cost of a Data Breach. This benchmark analysis details the financial impact of data loss incidents on affected companies. According to the study's 2006 findings, data breaches cost companies an average of $182 per compromised record, a 31 percent increase over 2005. The Ponemon Institute analysed 31 different incidents for the study. Total costs for each ranged from less than $1 million to more than $22 million.
The troll--as such taunting posters are dubbed--would frequently ignite massive angry e-mail responses, or flame wars, at times limiting the usefulness of the Full Disclosure list. Over time, n3td3v took on multiple online personalities, or gained members of the n3td3v group, and attempted to create an online security hub. The group's favorite targets included Yahoo!, Google, other researchers and security news reporters, including this one. Even after n3td3v gave up the virtual ghost in September 2006, no one knew the name of the person who infuriated, and amused, so many researchers.
Trying to lock down your company's applications and protect your systems from attack? If so, security scanners and source-code analysis tools are not up to the job -- despite vendor claims to the contrary.
"There's an awful lot of marketing spiel, people introducing technology tools that are sold as silver bullets," said Mark Curphey, vice president of professional services at McAfee's Foundstone division, in an interview. "The reality is, in a large enterprise, those things generally don't work."
Source: Network World - Posted by Vincenzo Ciaglia
Many of the security measures put in place after the Sept. 11, 2001, attacks on the World Trade Center in New York are doing more harm than good, said two speakers scheduled to present at the Hack In The Box Security Conference (HITB) this week.
The effect of many security measures put in place by governments after Sept. 11 has been to strengthen control over their citizens and erode democratic freedoms, said Roberto Preatoni, a security consultant who works in Italy. "The Internet allows you to do more effective things regarding controlling the population," he said.
So you just bought and assembled a brand-new AMD64 workstation. The only decision that remains is whether to install a 64-bit Linux distribution, or stick with comfortable, tried-and-true IA-32. If you are seeking an easy answer to that question, I can't help you. Running 64-bit Linux has its pros and cons. Unfortunately, a lot of the cons are out of your hands -- but they're not really Linux's fault, either.
Ark Linux project developers operate on a "no-frills" policy when it comes to deciding what features will be included in their distribution. They strive to provide only the tools necessary for a typical desktop user, creating a lean, mean Linux. When some users came asking for more features, rather than violate their policy of simplicity, the developers launched a completely new company called YOLD (Your Own Linux Distribution).
IBM announced today that it has entered into a definitive agreement to purchase Internet Security Systems (ISS), a publicly traded Internet security provider based in Atlanta.
