INFORMATION

Site Map - IT Security

Security Breaches More Severe

- Although the number of organizations hit by security breaches has decreased, the severity of the breaches has shown a marked increase.

A Site To See

- If you are a wireless user, you need to know just how many tools are available to compromise wireless networks. Remote-exploit.org highlights tools such as Hotspotter, which acts like a wireless hotspot so that anyone trying to connect to a legitimate network at, say, Starbucks will attach to the attacker’s access point instead. The tools can be downloaded from the Web site along with detailed tutorials—in some cases, step-by-step Flash presentations that walk users through programs that break wireless encryption protocols or that can crack passwords. The need for information on how wireless networks can be vulnerable makes Remote-exploit.org A Site to See. @ Get there via SM Online.

Cybersecurity Checklist

- The United States Cyber Consequences Unit released a checklist to help business managers assess their companies’ cybersecurity.

Hacking Wireless Networks for Dummies

-

Worth a Look: Portable Data Safes

- Software that’s built into the drive provides encryption, an e-wallet function for storing credit card numbers, and single sign-on to applications and Web sites. Data is encrypted using 256-bit AES encryption. A 4-to-40-character password is optional.

Old E-Mail Worms Never Die

- Security and outsourcing, cell-phone risk, e-mail worms, and what’s new in secure portable data devices.

Has Cybercrime Surpassed Physical Crime?

- Cybercrime versus physical crime, antiterror advice, cargo security, and rail security.

IT Security

- A new report from the IT Governance Institute finds that IT security should be handled at the top level.

Computer Vulnerabilities

- Connecting an unsecured computer to the Internet could be disastrous, according to a study by network-security provider StillSecure.

Black Hat Physical Device Security: Exploiting Hardware and Software

- One Web-based video camera system described in the book was released with a flaw that would allow a misspelled Web address to bypass all authentication mechanisms in the system, granting the user full administrative access to the devices.

Nostalgic for the Days of “My Doom”

- Under Symantec’s system, malicious code is ranked from one to five; the higher numbers—what Turner calls “bell-ringing alarm threats”—represent the threats that cause much immediate damage and are difficult to contain because they are widely distributed. “We’ve only seen six category-three worms in 2005,” Turner says, referring to the most recent statistics compiled in the report, “whereas in 2004 we saw 32.”

Does SSL Lock Trouble In?

- SSL traffic is all but invisible to an enterprise, according to a survey of 319 IT security and networking professionals by Blue Coat Systems. More than 72 percent said they had no way to look inside SSL traffic, a situation that nearly 90 percent of the respondents said was risky, particularly as it can pass through firewalls unseen and untouched.

Defining Moment

- Every document file (for example, those such as .doc, .txt, .xls, and so on) could be sucked off your computer’s hard drive and onto an iPod in under two minutes, according to Abe Usher of Sharp Ideas, LLC, who created a proof-of-concept application to do just that.
 




Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.