Imagine the space of all policies, where one point in that space is the current status quo policy. To a first approximation, policy insight consists on learning which directions from that point are "up" as opposed to "down." This space...

Iron Geek: Change your Windows OS TCP/IP Fingerprint "confuse P0f, NetworkMiner, Ettercap, Nmap and other OS detection tools"

submitted by manitol [link] [21 comments]

submitted by tullypimp to reddit.com [link] [121 comments]

submitted by escape_goat to business [link] [69 comments]

Expert gives tips on how to detect and remediate internal botnet infestations

Two new studies challenge current wisdom about calculating an enterprise's security risk -- and recommend rethinking the process

submitted by marc-kd to politics [link] [8 comments]

submitted by nom_de_guerre [link] [21 comments]

The PCI Security Standards Council (PCI SSC), a global, open industry standards body providing management of the Payment Card Industry Data Security Standard (PCI DSS), PIN Entry Device (PED) Security...

Four leading Web sites were or are vulnerable to attack through an underrated vulnerability, according to Princeton University researchers. While ING Direct, YouTube and Metafilter have taken action to address the cross-site-request-forgery (CSRF) vulnerabilities, the fourth site, belonging to The New York Times, has not been fixed, the researchers claimed in a blog post. CSRF flaws can be exploited so a user's browser is hijacked during a session and used to access a secure target ...

There have been a few mentions of the TCP Sockstress AKA TCP state table manipulation vulnerability( ...(more)...

Yesterday, following up after recording the podcast on clickjacking, I was talking with Robert Hansen about the TCP flaw some contacts of his found over in Sweden. He wrote it up in his column on Dark Reading, and Dennis Fisher over at TechTarget also has some information up. Basically, it’s a massive unpatched denial of service attack that can take down nearly anything that uses TCP, in some cases forcing remote systems to reboot or ...

For some Linux distribution projects, new releases come twice a year. That had been the plan for Gentoo Linux this year, until it canceled its current planned release -- the second time it's done so in the past 12 months. But the news doesn't necessarily mean a setback for the project.

Maybe you’ve never penned a single blog entry, never been asked to write a progress report, never had to read over a colleague’s work for errors, and never had to send a critically important e-mail message to your boss. If that’s the case, you’re free to go now. But for most of us, a certain amount of writing is part of our job — and unfortunately

Giving a man of any age a powerful laser is like giving a bear an AK-47: it’s in his very nature to point it at things and look menacing. Thankfully, the bear is rarely able to do any damage - no trigger finger - but the man, be he 16 or 65 or 33, will definitely aim it at something that will inevitably reflect the laser back into his own eyes, rendering him temporarily blind ...