Enclave Security "A Leader in Data Protection Services"

• Home
• Auditing
• Services
• Blogs
• Resources
• About Us

Subscribe to This Feed

Recent Posts

• IT Security Highlights March 11 2010
• IT Security Highlights March 10 2010
• IT Security Highlights March 9 2010
• IT Security Highlights March 8 2010
• IT Security Highlights March 5 2010

Categories

• 20 Critical Controls
• 44th Presidency Cybersecurity efforts
• Acceptable Use
• Advanced Persistent Threat
• Assurance
• Audit
• Background Checks
• Checklists
• CISA
• Crime
• Cyber Warfare
• Cybercrime
• Data Leakage Protection (DLP)
• Data Theft
• DHS Infrastructure Reports
• Encryption
• Free Audit Checklists
• George Orwell’s Big Brother
• Green IT
• Health Information Technology
• HIPAA
• Information Security Awareness
• IPv6
• Kelli Tarala
• Legal & Privacy
• Malware
• Medical Identity Theft
• Microsoft Windows
• Policy
• Progressive Reforms
• Remote Code Execution
• Risk
• SANS Institute
• Secure Development Lifecycle (SDL)
• Sexting
• Sharpen the Saw
• Situational Awareness
• Social Contract
• Social Engineering
• Social Networking
• Tools
• Training
• Web 2.0
• Wireless
• Writing Secure Code

Attend an Event

Enclave on Twitter

Data Leakage Protection (DLP)

Info Sec Highlights from the DHS Open Source Report 12-30-2009

Thursday, December 31st, 2009

2010 Security Predictions: Adobe will be Hacker’s Favorite Targets
In its “2010 Threat Predictions,” security vendor McAfee said Adobe Systems’ Flash and Acrobat Reader products will become the preferred targets for criminal hackers. Adobe’s CTO acknowledged recently that his company’s software is being attacked more frequently, and said the company has stepped up its efforts to [...]

Info Sec Highlights from the DHS Open Source Report December 9th, 2009

Wednesday, December 9th, 2009

Cloud-Based Service for Wireless Password Cracking
The WPA Cracker is a cloud-based service that accesses a 400-CPU cluster. For $34, it can run a password against all 135 million entries in about 20 minutes. Those willing to wait 40 minutes can pay $17 to access the system at half mode. This service is notable because its [...]

Paper-based Data Leakage Still a Concern

Monday, June 15th, 2009

There is an intriguing article in the Saturday Washington Post about the lawsuit involving Hilton Hotels and Starwood Hotels regarding boutique hotel branding. In a suit filed in federal court in New York on April 16th, Starwood’s suit alleges that Hilton stole more than 100,000 electronic and hard copy files containing trade secrets to help [...]

Security Metrics and Risk, How valuable is that dashboard report?

Friday, March 27th, 2009

Information security risks are hard to quantify because they involve a lot of “what-if” and “it might happen.” Risks are basically Threats multiplied by Vulnerabilities multiplied by Consequences. Information Security departments use number driven performance dashboards to represent information security risks to a company, or to compliance.
What exactly are these reports saying?
Introducing a little Security [...]

Moving over Keystroke Loggers, now we have Dynamic Time Warping?

Monday, March 23rd, 2009

Researchers at InversePath announced at the Tenth Annual CanSecWest conference that they were able to detect sniff keyboard strokes and determine which letters were being typed. They were able to detect and deduce the mechanical emissions from a keyboard by pointing a laser on the reflective surface of a laptop. Security Engineer Andrea Barisani and [...]

Data Theft and Least Privilege

Wednesday, December 3rd, 2008

Security vendor Cyber-Ark recently released a survey that 71 percent of employees globally said they would steal sensitive data if they were fired suddenly. The information stolen from current employers could be sold to competitors as an act of corporate espionage or used as negotiating tools in their current situation. The tool of choice would [...]