All Michael R. Farnum's Posts
Michael R. Farnum

Hitting the Security Nerve

Bot herders using Twitter for command and control

Good ol' Twitter -- it is so versatile that bot herders are using it to control their bots. Man, what else can happen to this app?

Heartland CEO gets a smackdown after his CSO interview

Rich Mogull of Securosis puts a rear naked choke on the Heartland CEO Robert Carr in his post about Mr. Carr's interview with CSO magazine. Thankfully, Rich is an EMT, so he knows how to revive him.

Social Networking and cyber attacks - is this our future?

Are all of us who use some form of social networking websites doomed to living through DoS after DoS because of political battles across the world? I really hope not, but I fear the reality.

SSH password attacks on the rise

Beware SSH password attacks! The SANS Internet Storm Center is pointing out successful SSH password brute force attacks and gives some counter-measures.

Employee responsibility at conferences

There is no doubt that conferences can be fun. But if your employer sends you to a conference, what are your responsibilities while you are attending?

RSA Conference scholarship opportunity

Have you attended the RSA Conference in the past couple of years and have also recently lost your job? Here's an opportunity to go to RSA again on their dime.

Minimize disgruntled workers through furloughs

Are you a business owner hit by the recession who is considering layoffs but has worries about disgruntled workers? Do you need to save some money but don't want to lose intellectual property to your ex-employees? If so, maybe you should consider furloughs.

Swiping your own card in Nashville

A Nashville, TN, restaurateur is offering his clients the opportunity to swipe their own credit cards when they dine in his establishment. Is this just window dressing, or is it a good idea?

Mule skinners need background checks

I would cry if this just wasn't so darn hilarious. Mule skinners, aka "seasonal workers who dress in colonial garb at a historical park in Easton, Pa," have to get Coast Guard credentials to operate a mule-drawn boat (stupid). Worse, the Maritime Transportation Security Act of 2002 requires that anyone holding that cred "must apply for biometric Transportation Worker Identification Credentials (TWIC)".

New Excel 0-day being exploited

Symantec is reporting that there is an exploit in the wild for an Excel 2007 and Excel 2007 SP1 zero-day remote code execution vulnerability (other versions may be affected as well).  There's not a lot of publicly available information about the trojan or the vulnerability.  Symantec is saying that the vulnerability is being exploited by a variant of the Mdropper trojan, which they are calling Trojan.Mdropper.AC.  There are no patches for this yet (which is part of the definition for 0-day, so duh).

Reported federal cyberattacks increasing

It looks like cyberattacks against federal networks are increasing. This comes from an article in USA Today stating that in 2008 there was a 40% increase in reported cyberattacks against U.S. Government computer networks, with many of the attacks coming through attempts to plant malware to get to sensitive data.

The process for scoping internal PCI pen tests

Here is the typical process for scoping out internal penetration tests for those companies that need to be compliant with PCI DSS.

Low tech hack reveals Facebook / ConnectU settlement details

The old cut-and-paste trick strikes again.

Trojans from windshield fliers

Some fairly innovative bad guys are using windshield fliers to spread trojans. No, the fliers don't have USB flash drives glued to them.

Less is more

Dreaming big is fine. But knowing when to come back to reality is often the key to the solution. Sometimes the low-tech hack is the hack to use.
