It’s a good sign of growing interest in an area of security when you have speakers from Google and Microsoft giving consecutive talks, alongside colleagues from the Anti-Phishing Working Group, a popular browser provider (KDE), major research universities (Harvard, MIT and Stanford) and a range of security vendors (Bharosa, Passfaces, ...

Click here to listen/download (10:52). This week’s podcast features an in-depth interview with David Strom, technology writer and the author of Web Informant, a blog covering topics such as eCommerce, Web site usability, web product marketing and more. Burt Kaliski from RSA Labs also offers a report on the recent Workshop ...

In May a contest was open on Datarescue’s forum: http://www.datarescue.com/ubb/ultimatebb.php?/topic/4/375.html There were some nice tries but nobody guessed it right. It seems Datarescue will have to repeat the contest with another question If you are curious to learn the correct answer, please read on. Original post by Security Wonk and powered ...

In China, UTM (Unified Threats Management) has been rocketing in recent months, not only in the media, but also in the real market transactions. International vendors, such as Fortinet, Watchguard, Sonicwall, ZyXel, bomb the newspapers, journals and ...

A researcher has discovered a security hole in Qualcomm Inc.'s (qcom) Eudora e-mail program that could allow a hacker to run code on a user's machine. The exploit requires that a user open an e-mail file and click on a link in the message, said Bennett Haselton, a Webmaster for ...

Terminal 4 at Heathrow was packed like a box of sardines… This was quite odd - normally this late in the evening the place is half-deserted, but now it was full of people looking utterly annoyed. Probably some heavy flight delays, I told myself and went to look at the ...

Click here to listen/download (10:52). Research In Motion’s Mike Kirkup talks about using the BlackBerry® as a strong authentication token. We also interview Sam Tuohey, CTO, Stanford Federal Credit Union, about why financial institutions are working together to fight online fraud. Related Links: RSA SecurID® Token for BlackBerry Handhelds BlackBerry Security Overview RSA® eFraudNetwork Community Original ...

June 14 & 15, 2006 Day one of the Burton Conference held little to no surprises. As a caveat, I am spending my time in the “Identity *” track, so my observations will be heavily influenced by the information shared in those sessions. By no surprises I mean that the keynote ...

So I’ve been a pack a day smoker for a lot of years and every so often I get the urge to try and quit. This time I’m going to cheat and try a product called the Nicorette Inhaler. Let’s face it besides being unhealthy, smoking in Canada is damn ...

Yesterday afternoon, WHY and I worked out a holistic enterprise internal control framework. We named it as 12345678! Pyramid Framework. It help integrate the enterprise execution, IT control and security control methodologies and countermeasures. One Priority: Execution Two Hands: Technology and Management Three Layers: Decision Makers, Managers, and Execution Four Phases: Plan, Do, ...

Click here to listen/download (10:59). With the buzz around this week’s Burton Group Catalyst Conference, we focus on Identity and Access Management (IAM) in this week’s podcast. Toffer Winslow, vice president of product marketing and product management for RSA Security, talks about web access management and the business drivers for adoption. ...

Seems as though our friends at virtumonde have gone a couple steps further in thrawting our attempts at removal. Firstly they added code to change the clsid on every reboot and it is almost 100% random. Secondly they have made a mutex that detects HijackThis’s running process hijackthis.exe and if it ...