Skip to main content

Home/ Information Security/ Group items tagged computer security

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
seth kutcher

Two Thumbs Up For Computer Assistance Services - 2 views

I am so happy for the computer assistance that Computer Assistance Online gave me. They provided me with precise and fast solutions to my computer problem. Their computer specialists really know wh...

computer assistance

started by seth kutcher on 06 Jun 11 no follow-up yet
paul silmonet

Instant Fix Slow Computer Solutions - 0 views

I bought a brand new PC with good specifications just last month. But only three weeks of use, I noticed that my PC froze and slowed down a bit. For the next three days, it continued to slow down. ...

Fix Slow Computer

started by paul silmonet on 12 Jun 11 no follow-up yet
Travis Post

Practical Computer and Information Security Tips - 0 views

www.onguardonline.gov

security FTC Internet fraud identity theft

shared by Travis Post on 26 May 11 - Cached
  • Travis Post on 26 May 11
     
    OnGuardOnline.gov provides practical tips from the federal government and the technology industry to help you be on guard against internet fraud, secure your computer, and protect your personal information.
Skeptical Debunker

Browser history hijack + social networks = lost anonymity - 0 views

arstechnica.com/...al-networks-lost-anonymity.ars

social networking phishing identity exposure research

shared by Skeptical Debunker on 25 Feb 10 - Cached
  • Skeptical Debunker on 25 Feb 10
     
    Simply joining a few groups at social networking sites may reveal enough information for hackers to personally identify you, according to some recent computer science research. In a paper that will be presented at a security conference later this year, an international team of academics describes how they were able to build membership sets using information that social networking sites make available to the public, and then leverage an existing attack on browsing history to check for personal identity. That information, they argue, can then be combined with other data to create further security risks, such as a personalized phishing attack.
shalani mujer

Trusted PC Tech Support - 1 views

Computers are the most essential commodity for me, especially for my business. That is why whenever I experiences computer trouble, I would really look for a PC tech support specialist to fix my co...

PC tech support

started by shalani mujer on 30 Sep 11 no follow-up yet
Skeptical Debunker

Microsoft Recruited Top Notch Guns for Waledac Takedown - CIO.com - Business Technology... - 0 views

www.cio.com/...otch_Guns_for_Waledac_Takedown

Microsoft VeriSign Waledac botnet counterattack

shared by Skeptical Debunker on 25 Feb 10 - Cached
  • Microsoft revealed on Wednesday that it gained a court order that compelled VeriSign, the .com registry, to remove 277 ".com" names from its rolls, effectively cutting off communication between the Waledac's controllers and their infected machines. The legal action is unprecedented at the domain name level, said Andre' M. DiMino, co-founder of The Shadowserver Foundation, a group that tracks botnets and helped take down Waledac. In June 2009, a federal court ordered the shutdown of 3FN, a rogue ISP supplying connectivity to botnets such as Pushdo and Mega-D, but this appears to be the first major action at the domain-name level. "It's definitely pretty groundbreaking," DiMino said. "To disable and disrupt a botnet at this level is really pulling the weed out by the root." But behind the scenes, Microsoft's legal action was just one component of a synchronized campaign to bring down Waledac. Last year, researchers with the University of Mannheim in Germany and Technical University Vienna in Austria published a research paper showing how it was possible to infiltrate and control the Waledec botnet. They had studied Waledac's complicated peer-to-peer communication mechanism. Microsoft -- which was annoyed by Waledec due to its spamming of Hotmail accounts -- contacted those researchers about two weeks ago to see if they could perform their attack for real, according one of the University of Mannheim researchers, who did not want to be identified. "They asked me if there was also a way besides taking down those domains of redirecting the command-and-control traffic," said the Mannheim researcher. Waledac distributes instructions through command-and-control servers that work with a peer-to-peer system. Led by a researcher who did his bachelor thesis on Waledac, the action began early this week. "This was more or less an aggressive form of what we did before," the Mannheim researcher said. "We disrupted the peer-to-peer layer to redirect traffic not to botmaster servers but to our servers." At the same time, Microsoft's legal efforts brought down domain names that were used to send new instructions to drones. The result has been dramatic: Up to 90 percent of the infected machines, which amount to at least 60,000 computers, are now controlled by researchers, half of which are in the U.S. and Europe and the rest scattered around the globe.
  • Skeptical Debunker on 25 Feb 10
     
    Four days ago, top-notch computer security researchers launched an assault on Waledac, a highly sophisticated botnet responsible for spreading spam and malicious software. As of Thursday, more than 60,000 PCs worldwide that have been infected with malicious code are now under the control of researchers, marking the effort one of the most highly successful coordinated against organized cybercrime.
anonymous

Why should Penetration Testing be conducted frequently - 0 views

goo.gl/lS5mdf

information informaion security infosec information technology penetration testing pen testing technology tech internet

shared by anonymous on 13 Jan 17 - No Cached
  • anonymous on 13 Jan 17
     
    The popularity of cloud computing and BYOD really brought information security to the forefront. The intruders also got smarter and more intelligent in finding new ways and new loopholes to attack. In order to deal with the future attacks, what a business…
Robin Dale

Misconceptions About The USA Patriot Act and Data Security in the Cloud Sector - 1 views

blog.bodhost.com/a-security-in-the-cloud-sector

"cloud computing" "patriot act" "data security"

shared by Robin Dale on 13 Jun 13 - No Cached
  • Robin Dale on 13 Jun 13
     
    This blog post speaks about the misconceptions people are having about the USA Patriot Act and Data Security, especially in the cloud sector.
netsec

Amazon.com: A New Host-Based Hybrid IDS Architecture - A Mind Of Its Own: The Know-how ... - 0 views

www.amazon.com/...ref=sr_1_1

ids intrusion detection system intrusion detection host-based intrusion detection hybrid intrusion detection host-based hybrid intrusion detection network security internet security computer security information security

shared by netsec on 04 Sep 09 - No Cached
  • netsec on 04 Sep 09
     
    Amazon.com: A New Host-Based Hybrid IDS Architecture - A Mind Of Its Own: The Know-how Of Host-Based Hybrid Intrusion Detection System Architecture Using Machine Learning Algorithms With Feature Selection (9783639172881): Murat Topallar: Books
Carlos Gomes

The SwitchWare Project - 0 views

www.cis.upenn.edu/...index.html

assurance msia security security.toresearch

shared by Carlos Gomes on 13 Mar 07 - Cached
  • The SwitchWare Project Active Network Research at Penn and Bellcore Active networks explore the idea of allowing routing elements to be extensively programmed by the packets passing through them. This allows computation previously possible only at endpoints to be carried out within the network itself, thus enabling optimizations and extensions of current protocols as well as the development of fundamentally new protocols. Welcome to the SwitchWare home page, describing the Active Networks research effort underway in the Penn Department of Computer and Information Science and Bellcore as well as pointers to related material.
Skeptical Debunker

FTC warns firms, organizations of widespread data breach - 0 views

www.physorg.com/news186082629.html

FTC warning personal information compromised

shared by Skeptical Debunker on 23 Feb 10 - Cached
  • The FTC declined to identify the companies or organizations involved, but said they were both "private and public entities, including schools and local governments." The companies and organizations ranged in size from "businesses with as few as eight employees to publicly held corporations employing tens of thousands," the FTC said in a statement. It said sensitive data about customers and employees had been shared from the computer networks of the companies and organizations and made available on Internet peer-to-peer (P2P) file-sharing networks. The information was accessible to "any users of those networks, who could use it to commit identity theft or fraud," the FTC said. "Unfortunately, companies and institutions of all sizes are vulnerable to serious P2P-related breaches, placing consumers' sensitive information at risk," FTC chairman Jon Leibowitz said. "For example, we found health-related information, financial records, and drivers' license and social security numbers -- the kind of information that could lead to identity theft," Leibowitz said.
  • Skeptical Debunker on 23 Feb 10
     
    The US Federal Trade Commission (FTC) said Monday it has notified nearly 100 companies and organizations of data breaches involving personal information about customers or employees.
Skeptical Debunker

Huge 'botnet' amputated, but criminals reconnect - washingtonpost.com - 0 views

www.washingtonpost.com/...AR2010031003890.html

botnet maleware ZeuS reconnected

shared by Skeptical Debunker on 11 Mar 10 - Cached
  • Skeptical Debunker on 11 Mar 10
     
    "The sudden takedown of an Internet provider thought to be helping spread one of the most promiscuous pieces of malicious software out there appears to have cut off criminals from potentially millions of personal computers under their control. But the victory was short-lived. Less than a day after a service known as "AS Troyak" was unplugged from the Internet, security researchers said Wednesday it apparently had found a way to get back online, and criminals were reconnecting with their unmoored machines. "
Carlos Gomes

Welcome to CAcert.org - 1 views

www.cacert.org/index.php

assurance cryptography msia pki security

shared by Carlos Gomes on 13 Mar 07 - Cached
  • CAcert.org is a community driven, Certificate Authority that issues certificates to the public at large for free. CAcert's goal is to promote awareness and education on computer security through the use of encryption, specifically with the X.509 family of standards. We have compiled a document base that has helpful hints and tips on setting up encryption with common software, and general information about Public Key Infrastructures (PKI). For the enthusiast looking to dip their toe in the water, we have an easy way of obtaining certificates you can use with your email program. You can use these not only to encrypt, but to prove to your friends and family that your email really does come from you. For administrators looking to protect the services they offer, we provide host and wild card certificates which you can issue almost immediately. Not only can you use these to protect websites, but also POP3, SMTP and IMAP connections, to list but a few. Unlike other certificate authorities, we don't limit the strength of the certificates, or the use of wild card certificates. Everyone should have the right to security and to protect their privacy, not just those looking to run ecommerce sites. If you're extremely serious about encryption, you can join CAcert's Assurance Programme and Web of Trust. This allows you to have your identity verified to obtain added benefits, including longer length certificates and the ability to include your name on email certificates. CAcert Inc. is a non-profit association, incorporated in New South Wales Australia.
Seçkin Anıl Ünlü

Plugging the CSS History Leak at Mozilla Security Blog - 0 views

blog.mozilla.com/...plugging-the-css-history-leak

security web history mozilla online browsers privacy bugfix

shared by Seçkin Anıl Ünlü on 17 Apr 10 - Cached
  • History Sniffing
  • Links can look different on web sites based on whether or not you’ve visited the page they reference.
  • The problem is that appearance can be detected by the page showing you links, cluing the page into which of the presented pages you’ve been to. The result: not only can you see where you’ve been, but so can the web site!
  • ...18 more annotations...
  • The most obvious fix is to disable different styles for visited versus unvisted links, but this would be employed at the expense of utility: while sites can no longer figure out which links you’ve clicked, neither can you.
  • David Baron has implemented a way to help keep users’ data private while minimizing the effect on the web, and we are deploying it to protect our users.
  • The biggest threats here are the high-bandwidth techniques, or those that extract lots of information from users’ browsers quickly.
  • The JavaScript function getComputedStyle() and its related functions are fast and can be used to guess visitedness at hundreds of thousands of links per minute.
  • we’re approaching the way we style links in three fairly subtle ways:
  • Change 1: Layout-Based Attacks
  • First of all, we’re limiting what types of styling can be done to visited links to differentiate them from unvisited links.
  • can only be different in color
  • the CSS 2.1 specification takes into consideration how visited links can be abused:
  • implement other measures to preserve the user’s privacy while rendering visited and unvisited links differently
  • Change 2: Some Timing Attacks
  • we are changing some of the guts of our layout engine to provide a fairly uniform flow of execution to minimize differences in layout time for visited and unvisited links.
  • when the link is styled, the appropriate set of styles is chosen making the code paths for visited and unvisited links essentially the same length.
  • Change 3: Computed Style Attacks
  • JavaScript is not going to have access to the same style data it used to.
  • Firefox will give it unvisited style values.
  • it’s the right trade-off to be sure we protect our users’ privacy.
  • fixing CSS history sniffing will not block all of these leaks. But we believe it’s important to stop the scariest, most effective history attacks any way we can since it will be a big win for users’ privacy.
valuementor

What is advanced Penetration testing - 2 views

Advanced penetration testing is a simulated cyber security testing to check for exploitable vulnerabilities in a system. Pen testing may involve attempted breaching of application systems or front...

security Cyber computer identity penetration testing

started by thomasma277 on 20 Jul 20 1 follow-up, last by valuementor on 20 Jul 20
wolf hesse

Denial of service denial | Science Blog - 3 views

www.scienceblog.com/...nial-service-denial-25704.html

security ddos dos defense architecture protocol research

shared by wolf hesse on 02 Oct 09 - Cached
Tsudo liked it
  • However, current filters usually rely on the computer being attacked to check whether or not incoming information requests are legitimate or not. This consumes its resources and in the case of a massive DDoS can compound the problem.
  • The user's computer has to present a filter value for the server to do a quick check. The filter value is a one-time secret that needs to be presented with the pseudo ID. The pseudo ID is also one-time use. Attackers cannot forge either of these values correctly and so attack packets are filtered out.
  • Indeed, the IPACF takes just 6 nanoseconds to reject a non-legitimate information packet associated with the DoS attack.
Carlos Gomes

OpenTC and Trusted Computing at the IBM Zurich Research lab - 0 views

www.trl.ibm.com/...TC_Outlook-v02.pdf

assurance opentc research security trusted-computing

shared by Carlos Gomes on 13 Mar 07 - No Cached
  • Carlos Gomes on 13 Mar 07
     

1 - 20 of 26 Next ›
Showing 20 items per page