A real good example why relying on users is a bad idea
There’s a report on an interesting survey over here, stating that 85% of users asked would open an attachment from a friend or collegue ! No wonder spam and virii are still doing well…..
Interesting Post on MS & Least privilege
Dana Epp’s ramblings at the Sanctuary : Microsoft, You’re not setting a very good example. I am disappointed. An interesting post on Dana Epp’s blog talking about running as least privilege (or in this example not) in Windows (also you can read the odd comments from someone I can only assume was trolling ?!) It’s […]
Another anti-phishing initiative
There’s an article about a MasterCard program which combats phishing. I’ve got to say that I’m not that impressed by this kind of approach to combating phishing. If what’s in the article is accurate it basically amounts to looking through content from the entire Internet for potential phishing scams and then shutting them down when […]
Outsourcing mail security, hmmm…
In an article over at Yahoo we’re told Mail Security Service Model Marches On. Its interesting as there definately is an interesting proposition on outsourcing things like management of e-mail security. However I must say, I’d not be too comfortable outsourcing something as critical as e-mail without some very good assurances and SLA’s surrounding it. […]
Security managers in court?!
Now I’ll start this post with the obligatory IANAL, but there’s a story over at Security pipeline, which seems to be saying that Security Managers Could Face Court Penalties for poor security or for making lists of top measures that companies should follow and then not implementing them all… I’ve got to say that the […]
Slashdot story on Cool DNS tricks…
Slashdot | Dan Kaminsky Suggests Having Fun with DNS There’s a story over at slashdot covers a presentation from Dan Kaminsky (of paketto Keiretsu fame) covering some… very interesting ideas about using DNS as a communications channel for arbitrary data (in a similar fashion to things like httptunnel ). Cool stuff this ’cause it drives […]
A interesting article at LURHQ presents – Scanrand Dissected. It’s a great explanation of how scanrand works and also a speed comparison between it and nmap, although the author does point out that nmap has far more functionality than scanrand…. Looks like a great tool for quickly scanning networks for rogue servers….
Interesting Article about Security Policies
An interesting article at nwfusion give us The scoop on security policies. There are some good points in the article about keeping the policy short and to the point, although I’ve tended to find that in larger companies it is a real challenge to convey all the information that you need to, to your userbase […]