Archive for security

You are browsing the archives of security.

Computer Security For Beginners

Don’t put any information that you don’t want exposed on any computer system that is connected to anything. Consider using a second computer that is not connected or a portable USB drive that can be unplugged or encrypted. Don’t connect any computer system to any other system or network of system without considering possible negative […]

BioHacking and Security

Homebrew bio-hacking kits will enable bio-terrorism and change the face of security requirements. Once, genetic engineering required big expensive laboratory environments. A cheap kit won’t make you an instant genetic engineering expert but it can start you down the path to understanding how it works. Homebrew chemistry, electronics, and computer kits have sparked interest and […]

Cracking the Kryptos Code

In 1990, a sculpture named “Kryptos” (greek – hidden) was dedicated in a courtyard inside the Langley headquarters building of the CIA. The sculpture is made of large copper plates that display nearly 900 text characters. The characters are an encrypted message intended to be a challenge to cryptologists. CIA Releases Analyst’s Fascinating Tale of […]

Hidden Expenses in Cloud Computing

Cloud computing may not deliver the cost savings that everybody seems to expect. The general computing community seems to take it for granted that the driving reason for moving to a cloud is a great reduction of costs. While it is true that cloud operations can offer some reductions in hardware and head count costs, […]

Security Compliance Inspections Can Be Fun

Doing computer security compliance inspections involves a lot of work and is always interesting. Javvad Malik presents his own take on compliance inspections and mistakes in response to a list of mistakes from Tripwire. infosec mistakes – [youtube.com] We all learn from our mistakes as we progress through our careers. Tripwire have compiled a list […]

Cloud Security as an Interconnection

Connecting your information system to a cloud is an interconnection. NIST guidance on handling the security of interconnections is documented in SP 800-47 “Security Guide for Interconnecting Information Technology Systems”. The security protections required for an interconnection will depend upon the nature of the connection being established. If the connection uses a clearly limited profile […]

Cloud Security Layers

Situational awareness is one of the most difficult things to get right in doing cloud security, and hand in hand with that goes inventory awareness. To understand why, take a look at the layers involved with cloud security: Facility physical environment – the building and physical environment in which the data center infrastructure resides Infrastructure […]

Interconnection Security

The most fundamental reason to interconnect systems is to share data, but that can be accomplished at a variety of levels. A system interconnection can be limited and simple, using email to transfer data between systems, or it could allow two databases to share data. It can be a connection that is only used when […]

ATM Skimmers

For several years, reports of ATM skimmer devices have been increasing. These devices are usually designed to fit over the card receptacle on an ATM machine or gas pump or other form of debit/credit card reader. They intercept the card data and may also collect the pin number entered and save the data for thieves […]

SANS Blogs

This is a new resource that will most likely, with all the resources and brilliant security minds that SANS can bring to the table, grow in value significantly over time. Keep an eye on this list.   SANS Blogs – [sans.org] SANS has created a handful of blogs that are custom-tailored to computer and network […]