Loading ...
BlogInfoSec.com Sponsors
BlogInfoSec.com Partners
-
Recent Comments
- Navin on Why Information Security Professionals Should Learn Texas Hold ‘em Poker
- john doe on An Analysis of the Privacy Rights Clearinghouse “Chronology of Data Breaches” and Implications for Information Security Professionls (pt. 1)
- Adam Shostack on PCI DSS Position on Patching May Be Unjustified
- Jens Laundrup on PCI DSS Position on Patching May Be Unjustified
- Kris on Medical Identity Theft: Your Money or Your Life
Tags
agility algorithms application security assessment awareness Awareness / Education awareness instruction awareness training bloginfosec Annoucements Books on InfoSec breach incidents Budgeting for Security business continunity CIA triad CISO CISO savvy CISO skills COBIT Coding Securely / SDLC Conferences / Events / Meetups contingency plans counterfeit counterfeit equipment data breaches data breach notification laws data classification digital signature disaster recovery education Encryption end-point security equipment Exploit Code / Malware facebook fake FBI featured FFIEC Forensics / Incidents FUD Theater GLBA governance government Gramm-Leach-Bliley hackers hash HIPAA honeynet honeypot identity management identity theft IDM incident Industry Commentary Information security Interviews ISACA Jobs in Information Security Johnny Long KPMG leadership Legal & Regulatory Issues malicious insider malware metrics nation states network News Commentary No Tech Hacking OWASP Patching PCI Penetration Testing perimeter Phishing Policies and Procedures Privacy Privacy Rights Clearinghouse Reverse Engineering risk risk management ROI ROSI SB 1386 Security security awareness Security Breaches self-awareness Social Engineering soft skills Solutions / Workarounds SPAM spotlight successful behaviors Tools training Uncategorized Virtual Trust Viruses / Worms vulnerability assessment Vulnerability Commentary Vulnerability Disclosure Wireless Wireless Client Wireless Discussion Wireless Security Wireless Vulnerability Discussion
Fear Not: Hacks, Attacks and Cracks written by Russell Handorf
Mr. Handorf is the Senior Security Analyst at the Philadelphia Stock Exchange. He serves on the Board of Directors for the FBI’s Philadelphia InfraGard Chapter, which has more than 800 members locally.
He has consulted for the US Federal and State Governments, companies and educational institutions where he performed security audits and assessments of their clients, infrastructure and networks. He was CIO and Director of Research and Development for a Philadelphia based wireless broadband solutions provider.
He teaches at Drexel University’s Goodwin College, conducts technical reviews for InfoWorld and serves as net control for the Philadelphia Amateur Radio Emergency Service. In his spare time, he is completing a Master of Science degree in Information Security.
Security Buzzword Bingo
July 9, 2008 – 6:00 am
–
I’ve had the opportunity to travel to various security conferences and product demonstrations over the years. Lately in order to continue paying attention to a lot of these presenters, I’ve had to play the game Buzzword Bingo. Everyone should remember the game Bingo, where all the players…
The Ears of a Hacker: Enumeration by Sound - No Tech Hacking (pt. 2)
June 25, 2008 – 6:00 am
–
I previously wrote an article about Johnny Long’s latest book, No Tech Hacking. This book covers many points about security in the physical world from the perspective of a hacker by raising the question “What does a hacker see?” There’s another observation point that must be addressed,…
How-To Easily Deploy Honeypots for Production Networks
June 10, 2008 – 6:00 am
–
When discussing honeypots, security folks typically think of the researchers out there who are doing their best to track the shadow networks that plague the Internet. Their deployments are to gain attention and keep the attackers interested based on the mentality of “the lower hanging fruit.”…
Real VoIPsploits: Helping to Introduce Your Local SWAT Team
May 28, 2008 – 6:00 am
–
Voice over IP is one of the many fast growing IT products and services field, as such this has laid the seeds for a new security industry. And as predicted, attackers are one step ahead of us in exploiting the vulnerabilities that are easily abused with this new infrastructure. We’re not going…
VAR does it come from? CISCO Hardware Espionage
May 6, 2008 – 6:00 am
–
When an organization looks at the threats to their infrastructure, they generally categorize them into two main headers: internal and external. And when they think about the internal threats they generally consider the rogue employee as the highest threat, and outsiders being their competition. I…
