The Web Hacking Incidents Database 2008: Annual Report
[ Source: Breach Security ]
March 2009-
The much anticipated Breach Security Lab’s Web Hacking Incidents Database (WHID) 2008 Annual Report is ready for download. The WHID project is dedicated to maintaining a record of web application-related security incidents. The WHID’s purpose is to serve as a tool for raising awareness of web application security problems and provide information for statistical analysis of web application security incidents. This year the report findings prove that no company or market sector is immune from ....
Authentication and Fraud Detection Buyer’s Guide from Entrust
[ Source: Entrust, Inc. ]
November 2008-
The Entrust Authentication and Fraud Detection Buyer’s Guide guide has been developed to assist financial services organizations in identifying their requirements for an authentication and fraud-detection solution, and in selecting a solution that meets their security needs. It outlines key questions that should be considered during the selection process to ensure that the chosen solution will address the organization’s requirements both from a business and operational perspective.
Unraveling Web Malware
[ Source: FireEye ]
September 2009-
There has been a rapid rise in the use of web blended threats to exploit client browsers and operating systems. These can lead to infection by bots which can be controlled remotely. Eleven percent of the world’s computers are enmeshed in at least one botnet and 72% of corporate networks with more than 100 computers have an infection.
Obfuscated code and encrypted exploits are increasing in prevalence. The point of these exploits is to ....
Protecting Data from the Cyber Theft Pandemic
[ Source: FireEye ]
September 2009-
Malware-related data breaches have reached pandemic proportions as criminals discover that Internet crime is easy to commit, highly lucrative, and largely under-policed. With a few hundred dollars, a cyber criminal can begin a career of breaking into computers to steal identity and confidential data for sale to the highest bidder. The cyber crime economy is so robust that there is a vibrant market for professional malware toolkits available for $500 to $1,000 that come pre-configured ....
Website Security Tests Protect Against Application Vulnerabilities
[ Source: GamaSec GamaScan Website Security Scan ]
May 2008-
Small and medium-sized enterprises (SMBs) can protect websites against application vulnerabilities with simple, easy-to-use, and affordable service. Firewall, Intrusion prevention and Detection System (IDS/IPS) are not enough to protect your Website against today's application vulnerabilities.
Ten Ways Hackers Breach Security
[ Source: Global Knowledge ]
February 2007-
Hacking, cracking, and cyber crimes are hot topics these days and will continue to be for the foreseeable future. However, there are steps you can take to reduce your organization's threat level. The first step is to understand what risks, threats, and vulnerabilities currently exist in your environment. The second step is to learn as much as possible about the problems so you can formulate a solid response. The third step is to intelligently deploy ....
Risk Management: Bridging Policies and Procedures - Fundamental Security Concepts
[ Source: Global Knowledge ]
October 2008-
One thing that security professionals know is that security is about processes, not about the technology. The key to security is to match the technology to the process, but you have to know the process first. Policies and procedures are the requirements, and risk management is the bridge between the two. Collectively, they are the road maps that lead to effective and efficient security designs. This white paper covers the basics of risk management in ....
Security on a Budget
[ Source: Global Knowledge ]
April 2009-
Security is expensive, but not having security is even more expensive. Preventing damage from malicious attackers, stopping the infestation of malware, and preventing theft and fraud is not cheap. But failing to erect adequate protections for your organization's level of known threat is not a cost-saving measure; it is simply a deferment of the cost until a later date. This white paper discusses several techniques, methods, and tools that can be implemented to save your ....