There’s apparently been a huge drop in SPAM after two ISPs were cut off.
Stories from Washington Post, and BBC. Brian Krebs of the Wash Post also talks about this in his Security Fix Blog.
More ISPs are allocating resources for DDoS attacks according to Arbor Network’s 2008 Worldwide Infrastructure Security Report. A related article is on ZDNet and an article on Vunet talks about ISP’s fear on IPv6 threats.
A study by Google, presented at the RIPE Meeting in Dubai reports that France and Russia are ahead in IPv6 .
Security Focus reports that, “Anti-malware testing group releases standards“, and they can be downloaded here.
SANS will also have a Webcast on Understanding the WPA/WPA2 Break.
Since we’re on the topic of webcasts, SourceBoston’s 2008 Conference from March of this year have been up on Blip.tv for a while now. They have great presentations on Incident response, Secure Coding, etc.
And since I enjoyed Schneier’s essay on, “The Psychology of Security“, I just thought that InfoSec professionals would find it funny that the Washington Times reports that Paranoia is on the rise :).
SC Magazine Whitepaper Roundup
Top five strategies for combating modern threats – is anti-virus dead?
By: Sophos Plc.
Today’s fast, targeted, silent threats take advantage of the open network and new technologies that support an increasingly mobile workforce. Organizations need innovative approaches to protect the web, email servers and endpoint. This paper discusses the security implications of modern…
Complying with the Payment Card Industry’s Data Security Standard
By: DeviceLock, Inc.
The Payment Card Industry Data Security Standard (PCI DSS) was drawn up in order to reduce leakage and inappropriate use of credit card information. It contains over 100 clear information security requirements for all companies who process, store or transfer data about cardholders: banks, processing…
Addressing the Operational Challenges of Administrative Passwords
By: ManageEngine
Enterprises making use of various IT systems (servers, devices, applications etc.) face numerous challenges due to the proliferation of administrative passwords (also called as privileged passwords). This white paper discusses the problems associated with administrative password proliferation with…
Tripwire PCI DSS Solutions- Automated, Continuous Compliance
By: Tripwire, Inc.
Find out step-by-step what it takes to become compliant with the Payment Card Industry (PCI) Data Security Standard (DSS), and how Tripwire can help your company achieve and maintain PCI compliance.
Malware Security: Taking the Botnet Threat Seriously
By: FireEye, Inc.
How does malware continue to infiltrate networks? Primarily because traditional defenses only address the threat in pieces and parts, which leaves gaps in the enterprise security infrastructure. Meanwhile, malware has become organized to form massive ‘botnets’ (networks of compromised…
ComputerWorld Technical Briefing: Mission-Critical Security – The Threat from Within
By: PacketMotion
We all know blind spots are bad for drivers but are you aware of how potentially disastrous they can be for IT security professionals? Take a few minutes to review this Computerworld report and you’ll get a clear picture of both the problem and the solution!.
Automating Code Reviews: How to Manage Application Risk on a Shrinking Budget
By: Veracode
In a tightening economy many organizations are faced with a “do more with less” mandate on their budgets and their security strategies. On-demand application security testing offered as an outsourced service – based on binary analysis and multiple scanning technologies…
Database Auditing Tools and Strategies
By: Sensage
Learn about a new set of software tools that provide low overhead audit collection with storage, alerting and reporting capabilities. This paper details the trade-offs and strategy of each option.
InfoSec Philippines 