MicroSolved, Inc. is pleased to announce that its SecureAssure vulnerability assessment solution has successfully completed the PCI Scanning Vendor Compliance Testing. This process allows MicroSolved to serve as an ASV for organizations concerned with PCI compliance. “More organizations can now benefit from working with MicroSolved as their information security partner. Companies with compliance needs centering [...]
MSI attended the latest CUISPA event in Boston last week and it was a fantastic show. Credit union security folks were in attendance from all around the US and the speakers did a fine job of knowledge transfer. Many thanks to all who stopped by the booth and showed their appreciation for our State of [...]
Code Craft By: Pete Goodliffe Publisher: No Starch Press Price: $44.95 Rating (out of 5): ***** This is an excellent book about moving from average software development to professional-grade software development. The book basically covers the topics needed to teach developers how to make better software in a more effective manner than may be happening [...]
Practical Packet Analysis By: Chris Sanders Publisher: No Starch Press Price: $39.95 Rating (out of 5): **** This book is an excellent introduction to the basics of packet analysis. It gives good introductions to the basics of protocols, use of Wireshark, sniffer deployment and the other skills needed to perform packet capture and inspection. Packet [...]
Last month, I posted a list of indicators that you may experience if there were computer Viruses infecting your system (see the blog from June 1, 2007). This was just the first in a series of articles on indicators of various types of Malware. This month, our Malware topic is the Trojan Horse, or just [...]
So, we now know that “hackers” have been doing a ton of vulnerability research on the new iPhone since it was released. That research has turned up a couple of interesting vulnerabilities. The first is a flaw in the Safari web browser that could allow an attacker to take complete control over the phone by [...]
I was online the other day doing some research about excellence in customer service when I ran across one of Seth Godin’s recent blogs about his disappointing experience at a car dealership. It caught my attention, as I had just had a very similar and equally disappointing experience at a car dealership myself. What first [...]
Scripting and an understanding of scripting languages are critical skills for infosec folks. Not only do they lend themselves to understanding threats and attacker tools, but in many cases they make it possible for automation to assist the infosec practitioner in performing many of their duties and can help them be more effective in environments [...]
Is this what it has come to in Homeland Security now? Chertoff Claims “Gut Feeling” About Summer Attacks I normally try and stay away from public commentary on DHS goings on, but this seems so devoid of reason that I just had to talk about it. So, here we go… First off, I would like [...]
With more and more integration of the voice world into the network, companies are finally waking up to the idea that VoIP brings rewards, but also risk. When the network was down and voice lived in the analog world, you could still talk to your customers and let them know you were having a few [...]