Latest Articles

Categories: Compliance

Dennis Fisher: Okay, welcome back to the Digital Underground podcast. This is the second in the series of CSO podcasts that I’m doing and I’m really excited. I’ve got Larry Whiteside on the phone. He’s the chief information security officer at the Visiting Nurse Service of New York. So we’re going to talk a lot about what specific issues he faces in his day to day job, how they can apply to other CSOs in other industries, and what we can all learn. So Larry thanks a lot for being on the podcast.


Categories: Compliance

Dennis Fisher: Welcome to
the Digital Underground podcast. This is the first episode in what’s going to
be a series of podcasts with CSOs from states around the country. We’re going
to be discussing the unique challenges of running an InfoSec program in the
public sector and what lessons enterprise security staffs can learn from their
counterparts in government. So my guest today is Bob Maley, the chief
information security officer of the commonwealth of Pennsylvania. So Bob,
welcome to the podcast.


Categories: Compliance, Web Security

Dennis Fisher: Okay, welcome back to this CSO series podcast, also known as Real World Security. My guest today is Ed Bellis, the CISO of Orbitz Worldwide, one of the top travel sites in the world. Ed’s got a pretty broad range of experience in the technology industry, having worked as a web architect at Ford Motor Company, and a manager at Ernst & Young before getting into the security world as a V.P.


Botnets – apart from inundating our inboxes with spam – can also be used for ulterior purposes such as executing DDoS attacks or hosting websites, so understanding the “modus operandi” and size behind the well-known names is a good idea. Here’s a top ten botnet list. Read the full article. [Help Net Security]


Categories: Data Breaches, Malware

Security researchers have intercepted a new variant of the Zeus crimeware using Amazon’s EC2 services to command and control the botnet. The cybercriminals appear to be using Amazon’s RDS managed database hosting service as a backend alternative in case they lose access to the original domain, which would result in the complete loss of access to the compromised financial data obtained from the infected hosts. Read the full story [ZDNet]


Admitted TJX intruder Albert Gonzalez has entered into a plea agreement on charges that he hacked into Heartland Payment Systems, Hannaford Brothers, 7-Eleven and two other unnamed national retailers. Read the full article. [Wired]


An electronics testing firm in Louisiana is suing its bank, Capital One, alleging that the financial institution was negligent when it failed to stop hackers from transferring nearly $100,000 out of its account earlier this year. Read the full article. [Washington Post]
