Comments for MSI :: State of Security http://stateofsecurity.com Insight from the Information Security Experts Sun, 13 May 2012 13:58:41 +0000 hourly 1 http://wordpress.org/?v= Comment on Twitter Hack! 5 Ways to Avoid Being the Victim of a Phishing Attack by pscorrales76 http://stateofsecurity.com/?p=2450&cpage=1#comment-54665 pscorrales76 Sun, 13 May 2012 13:58:41 +0000 http://stateofsecurity.com/?p=2450#comment-54665 “@DarkOperator: Twitter Hack! 5 Ways to Avoid Being the Victim of a Phishing Attack http://t.co/LsesnuvM” para su lectura!!! #pilas “@DarkOperator: Twitter Hack! 5 Ways to Avoid Being the Victim of a Phishing Attack http://t.co/LsesnuvM” para su lectura!!! #pilas

]]> Comment on Twitter Hack! 5 Ways to Avoid Being the Victim of a Phishing Attack by MRMaguire http://stateofsecurity.com/?p=2450&cpage=1#comment-54576 MRMaguire Thu, 10 May 2012 16:03:54 +0000 http://stateofsecurity.com/?p=2450#comment-54576 Twitter Hack! 5 Ways to Avoid Being the Victim of a Phishing Attack: FB.Event.subscribe('edge.create', fun... http://t.co/LUfqoP3d Twitter Hack! 5 Ways to Avoid Being the Victim of a Phishing Attack:
FB.Event.subscribe(‘edge.create’, fun… http://t.co/LUfqoP3d

]]> Comment on Twitter Hack! 5 Ways to Avoid Being the Victim of a Phishing Attack by MRMaguire http://stateofsecurity.com/?p=2450&cpage=1#comment-54575 MRMaguire Thu, 10 May 2012 15:22:07 +0000 http://stateofsecurity.com/?p=2450#comment-54575 RT @microsolved Twitter Hack! 5 Ways to Avoid Being the Victim of a Phishing Attack http://t.co/24oScYPK RT @microsolved Twitter Hack! 5 Ways to Avoid Being the Victim of a Phishing Attack http://t.co/24oScYPK

]]> Comment on How to Avoid Falling For Social Engineering Attacks by Twitter Hack! 5 Ways to Avoid Being the Victim of a Phishing Attack - MSI :: State of SecurityMSI :: State of Security http://stateofsecurity.com/?p=1331&cpage=1#comment-54574 Twitter Hack! 5 Ways to Avoid Being the Victim of a Phishing Attack - MSI :: State of SecurityMSI :: State of Security Thu, 10 May 2012 15:20:42 +0000 http://stateofsecurity.com/?p=1331#comment-54574 [...] Do not give out your financial information ever through an email appeal. I hope we all know now that you haven’t won the Nigerian lottery or that some prince or princess is willing to give you part of their inheritance if only you’ll keep their money in your bank account. Emails of this nature prey upon people who would love to “win” money or worse, may lose money in their account unless they give out their account information. Never give out your personal information. Instead, call your bank to verify that they need the information. You could also have some fun with the hackers like I did.  [...] [...] Do not give out your financial information ever through an email appeal. I hope we all know now that you haven’t won the Nigerian lottery or that some prince or princess is willing to give you part of their inheritance if only you’ll keep their money in your bank account. Emails of this nature prey upon people who would love to “win” money or worse, may lose money in their account unless they give out their account information. Never give out your personal information. Instead, call your bank to verify that they need the information. You could also have some fun with the hackers like I did.  [...]

]]> Comment on Resources for Mobile Application Security by MRMaguire http://stateofsecurity.com/?p=2445&cpage=1#comment-54570 MRMaguire Tue, 08 May 2012 19:13:38 +0000 http://stateofsecurity.com/?p=2445#comment-54570 Resources for Mobile Application Security: FB.Event.subscribe('edge.create', function(response) { _g... http://t.co/fpvcDKuO Resources for Mobile Application Security:
FB.Event.subscribe(‘edge.create’, function(response) {
_g… http://t.co/fpvcDKuO

]]> Comment on Quick Wireless Network Reminders by GeraintW http://stateofsecurity.com/?p=2434&cpage=1#comment-54569 GeraintW Tue, 08 May 2012 07:38:22 +0000 http://stateofsecurity.com/?p=2434#comment-54569 Quick Wireless Network Reminders http://t.co/zhkMbjop #in Quick Wireless Network Reminders http://t.co/zhkMbjop #in

]]> Comment on The Detection in Depth Focus Model & Example by Information Security is More than Prevention | IT Security http://stateofsecurity.com/?p=1958&cpage=1#comment-54554 Information Security is More than Prevention | IT Security Sat, 05 May 2012 03:27:04 +0000 http://stateofsecurity.com/?p=1958#comment-54554 [...] It’s whether or not you have additional controls like enclaving in place. Do you have visibility at various layers for detection in depth? [...] [...] It’s whether or not you have additional controls like enclaving in place. Do you have visibility at various layers for detection in depth? [...]

]]> Comment on Quick Wireless Network Reminders by MRMaguire http://stateofsecurity.com/?p=2434&cpage=1#comment-54553 MRMaguire Fri, 04 May 2012 14:20:27 +0000 http://stateofsecurity.com/?p=2434#comment-54553 Quick Wireless Network Reminders: FB.Event.subscribe('edge.create', function(response) { _gaq.push([... http://t.co/IhsshAOh Quick Wireless Network Reminders:
FB.Event.subscribe(‘edge.create’, function(response) {
_gaq.push([… http://t.co/IhsshAOh

]]> Comment on Quick Wireless Network Reminders by MRMaguire http://stateofsecurity.com/?p=2434&cpage=1#comment-54552 MRMaguire Fri, 04 May 2012 13:43:02 +0000 http://stateofsecurity.com/?p=2434#comment-54552 Quick Wireless Network Reminders http://t.co/LCD4cpyE #security Quick Wireless Network Reminders http://t.co/LCD4cpyE #security

]]> Comment on How to Save Your Photos From a BYOD Security Policy by MRMaguire http://stateofsecurity.com/?p=2430&cpage=1#comment-54535 MRMaguire Wed, 02 May 2012 16:25:43 +0000 http://stateofsecurity.com/?p=2430#comment-54535 How to Save Your Photos From a BYOD Security Policy: FB.Event.subscribe('edge.create', function(response) ... http://t.co/0R9jRIjh How to Save Your Photos From a BYOD Security Policy:
FB.Event.subscribe(‘edge.create’, function(response) … http://t.co/0R9jRIjh

]]> Comment on Mobile Apps Shouldn’t Roll Their Own Security by Mobile Applications Shouldn’t Roll Their Own Security | IT Security http://stateofsecurity.com/?p=2312&cpage=1#comment-54531 Mobile Applications Shouldn’t Roll Their Own Security | IT Security Wed, 02 May 2012 04:20:01 +0000 http://stateofsecurity.com/?p=2312#comment-54531 [...] Cross-posted from State of Security [...] [...] Cross-posted from State of Security [...]

]]> Comment on Discuss Detection in Depth at CMH ISSA Summit by MRMaguire http://stateofsecurity.com/?p=2421&cpage=1#comment-54528 MRMaguire Mon, 30 Apr 2012 19:40:41 +0000 http://stateofsecurity.com/?p=2421#comment-54528 Discuss Detection in Depth at CMH ISSA Summit: FB.Event.subscribe('edge.create', function(response) { ... http://t.co/SFLZOTok Discuss Detection in Depth at CMH ISSA Summit:
FB.Event.subscribe(‘edge.create’, function(response) {
http://t.co/SFLZOTok

]]> Comment on Detection in Depth Maturity Model by Discuss Detection in Depth at CMH ISSA Summit - MSI :: State of SecurityMSI :: State of Security http://stateofsecurity.com/?p=1946&cpage=1#comment-54527 Discuss Detection in Depth at CMH ISSA Summit - MSI :: State of SecurityMSI :: State of Security Mon, 30 Apr 2012 18:59:24 +0000 http://stateofsecurity.com/?p=1946#comment-54527 [...] May 18th, I will be presenting on detection in depth at the CMH ISSA Summit. I look forward to a good discussion of the ideals, organizational needs, [...] [...] May 18th, I will be presenting on detection in depth at the CMH ISSA Summit. I look forward to a good discussion of the ideals, organizational needs, [...]

]]> Comment on Round Cube Webmail Probes Spreading Rapidly by goashyagopiva http://stateofsecurity.com/?p=550&cpage=1#comment-54525 goashyagopiva Sat, 28 Apr 2012 01:35:57 +0000 http://stateofsecurity.com/?p=550#comment-54525 At Transmission Warehouse in Las Vegas, NV, our customers come first. We provide prompt, honest transmissions services at reasonable prices. Our staff is well-trained to get you and your loved ones safely back on the road. We are the best Transmission Shop in Las Vegas! Don't hesitate to call us today for any transmission service estimate. Visit http://www.vegas-transmissionrepair.com today. At Transmission Warehouse in Las Vegas, NV, our customers come first. We provide prompt, honest transmissions services at reasonable prices. Our staff is well-trained to get you and your loved ones safely back on the road. We are the best Transmission Shop in Las Vegas! Don’t hesitate to call us today for any transmission service estimate. Visit http://www.vegas-transmissionrepair.com today.

]]> Comment on Follow Up to Out of Band Authentication Post by wikidsystems http://stateofsecurity.com/?p=2416&cpage=1#comment-54522 wikidsystems Fri, 27 Apr 2012 14:56:31 +0000 http://stateofsecurity.com/?p=2416#comment-54522 RT @lbhuston: Follow Up to Out of Band Authentication Post - http://t.co/MzYoxg8t <Yeah, it's more & hopefully answers the questions some folks raised. RT @lbhuston: Follow Up to Out of Band Authentication Post – http://t.co/MzYoxg8t <Yeah, it’s more & hopefully answers the questions some folks raised.

]]> Comment on Follow Up to Out of Band Authentication Post by MRMaguire http://stateofsecurity.com/?p=2416&cpage=1#comment-54518 MRMaguire Fri, 27 Apr 2012 10:47:23 +0000 http://stateofsecurity.com/?p=2416#comment-54518 Follow Up to Out of Band Authentication Post: FB.Event.subscribe('edge.create', function(response) { ... http://t.co/3vt3WSVz Follow Up to Out of Band Authentication Post:
FB.Event.subscribe(‘edge.create’, function(response) {
http://t.co/3vt3WSVz

]]> Comment on Financial Organizations Struggle with Out of Band Authentication by Follow Up to Out of Band Authentication Post - MSI :: State of SecurityMSI :: State of Security http://stateofsecurity.com/?p=2388&cpage=1#comment-54517 Follow Up to Out of Band Authentication Post - MSI :: State of SecurityMSI :: State of Security Fri, 27 Apr 2012 10:01:43 +0000 http://stateofsecurity.com/?p=2388#comment-54517 [...] is a commentary follow up to my earlier post, located here.) A couple of folks have commented on Twitter that they have a fear of using SMS for any sort of [...] [...] is a commentary follow up to my earlier post, located here.) A couple of folks have commented on Twitter that they have a fear of using SMS for any sort of [...]

]]> Comment on Remember Public Cellular Networks in Smart Meter Adoption by Remember Public Cellular Networks in Smart Meter Adoption | IT Security http://stateofsecurity.com/?p=2372&cpage=1#comment-54513 Remember Public Cellular Networks in Smart Meter Adoption | IT Security Fri, 27 Apr 2012 03:04:33 +0000 http://stateofsecurity.com/?p=2372#comment-54513 [...] Cross-posted from State of Security [...] [...] Cross-posted from State of Security [...]

]]> Comment on Don’t Forget About VoIP Exposures and PBX Hacking by Don’t Forget about VoIP Exposures and PBX Hacking | IT Security http://stateofsecurity.com/?p=2336&cpage=1#comment-54510 Don’t Forget about VoIP Exposures and PBX Hacking | IT Security Thu, 26 Apr 2012 03:21:36 +0000 http://stateofsecurity.com/?p=2336#comment-54510 [...] Cross-posted from State of Security [...] [...] Cross-posted from State of Security [...]

]]> Comment on Are You Attending the 2012 ISSA Central Ohio InfoSec Summit? by MRMaguire http://stateofsecurity.com/?p=2410&cpage=1#comment-54507 MRMaguire Wed, 25 Apr 2012 18:08:35 +0000 http://stateofsecurity.com/?p=2410#comment-54507 Are You Attending the 2012 ISSA Central Ohio InfoSec Summit?: FB.Event.subscribe('edge.create', function(r... http://t.co/WYmpGnx7 Are You Attending the 2012 ISSA Central Ohio InfoSec Summit?:
FB.Event.subscribe(‘edge.create’, function(r… http://t.co/WYmpGnx7

]]> Comment on HoneyPoint Internet Threat Monitoring Environment: An Easy Way to Pinpoint Known Attacker IPs by lbhuston http://stateofsecurity.com/?p=2401&cpage=1#comment-54508 lbhuston Wed, 25 Apr 2012 13:56:52 +0000 http://stateofsecurity.com/?p=2401#comment-54508 HoneyPoint Internet Threat Monitoring Environment: An Easy Way to Pinpoint Known Attacker IPs - http://t.co/Pr5QevQ5 HoneyPoint Internet Threat Monitoring Environment: An Easy Way to Pinpoint Known Attacker IPs – http://t.co/Pr5QevQ5

]]> Comment on HoneyPoint Internet Threat Monitoring Environment: An Easy Way to Pinpoint Known Attacker IPs by MRMaguire http://stateofsecurity.com/?p=2401&cpage=1#comment-54500 MRMaguire Tue, 24 Apr 2012 15:43:45 +0000 http://stateofsecurity.com/?p=2401#comment-54500 HoneyPoint Internet Threat Monitoring Environment: An Easy Way to Pinpoint Known Attacker IPs: FB.... http://t.co/iB1NDsS0 HoneyPoint Internet Threat Monitoring Environment: An Easy Way to Pinpoint Known Attacker IPs:
FB…. http://t.co/iB1NDsS0

]]> Comment on Financial Organizations Struggle with Out of Band Authentication by msksecurity http://stateofsecurity.com/?p=2388&cpage=1#comment-54493 msksecurity Sat, 21 Apr 2012 16:53:14 +0000 http://stateofsecurity.com/?p=2388#comment-54493 Financial Organizations Struggle with Out of Band Authentication - MSI :: State of SecurityMSI :: State of Security - http://t.co/Ipi7NhzN Financial Organizations Struggle with Out of Band Authentication – MSI :: State of SecurityMSI :: State of Security – http://t.co/Ipi7NhzN

]]> Comment on Financial Organizations Struggle with Out of Band Authentication by lbhuston http://stateofsecurity.com/?p=2388&cpage=1#comment-54489 lbhuston Sat, 21 Apr 2012 01:16:44 +0000 http://stateofsecurity.com/?p=2388#comment-54489 Just a couple of quick notes - 1. It should be "cause", not "call to the customer support..." Sorry about that! 2. After a lot of discussions on Twitter about the post, I wanted to make it clear that OOBA does have some risks, but many of the problems are solvable. It should still be considered, it just requires careful planning to integrate and deploy (like most things...). It just seems that some folks assume it is going to be easier than it is, or they downplay the risks. We need reasonable, rational and real world experiences to build on the public knowledge base. Thus, we encourage folks using, developing, supporting, considering or struggling with these technologies to share their experiences and lessons learned. Together, we can iron out the wrinkles and make deployments of OOBA easier and more effective. Thanks for reading and for the comments on Twitter. You all rock and have a great weekend! Just a couple of quick notes – 1. It should be “cause”, not “call to the customer support…” Sorry about that!

2. After a lot of discussions on Twitter about the post, I wanted to make it clear that OOBA does have some risks, but many of the problems are solvable. It should still be considered, it just requires careful planning to integrate and deploy (like most things…). It just seems that some folks assume it is going to be easier than it is, or they downplay the risks. We need reasonable, rational and real world experiences to build on the public knowledge base. Thus, we encourage folks using, developing, supporting, considering or struggling with these technologies to share their experiences and lessons learned.

Together, we can iron out the wrinkles and make deployments of OOBA easier and more effective.

Thanks for reading and for the comments on Twitter. You all rock and have a great weekend!

]]> Comment on Financial Organizations Struggle with Out of Band Authentication by MRMaguire http://stateofsecurity.com/?p=2388&cpage=1#comment-54483 MRMaguire Fri, 20 Apr 2012 17:09:29 +0000 http://stateofsecurity.com/?p=2388#comment-54483 Financial Organizations Struggle with Out of Band Authentication: FB.Event.subscribe('edge.create', functi... http://t.co/jwnbsigt Financial Organizations Struggle with Out of Band Authentication:
FB.Event.subscribe(‘edge.create’, functi… http://t.co/jwnbsigt

]]>