Loading ...
BlogInfoSec.com Sponsors
BlogInfoSec.com Partners
-
Recent Comments
- Navin on Why Information Security Professionals Should Learn Texas Hold ‘em Poker
- john doe on An Analysis of the Privacy Rights Clearinghouse “Chronology of Data Breaches” and Implications for Information Security Professionls (pt. 1)
- Adam Shostack on PCI DSS Position on Patching May Be Unjustified
- Jens Laundrup on PCI DSS Position on Patching May Be Unjustified
- Kris on Medical Identity Theft: Your Money or Your Life
Tags
agility algorithms application security assessment awareness Awareness / Education awareness instruction awareness training bloginfosec Annoucements Books on InfoSec breach incidents Budgeting for Security business continunity CIA triad CISO CISO savvy CISO skills COBIT Coding Securely / SDLC Conferences / Events / Meetups contingency plans counterfeit counterfeit equipment data breaches data breach notification laws data classification digital signature disaster recovery education Encryption end-point security equipment Exploit Code / Malware facebook fake FBI featured FFIEC Forensics / Incidents FUD Theater GLBA governance government Gramm-Leach-Bliley hackers hash HIPAA honeynet honeypot identity management identity theft IDM incident Industry Commentary Information security Interviews ISACA Jobs in Information Security Johnny Long KPMG leadership Legal & Regulatory Issues malicious insider malware metrics nation states network News Commentary No Tech Hacking OWASP Patching PCI Penetration Testing perimeter Phishing Policies and Procedures Privacy Privacy Rights Clearinghouse Reverse Engineering risk risk management ROI ROSI SB 1386 Security security awareness Security Breaches self-awareness Social Engineering soft skills Solutions / Workarounds SPAM spotlight successful behaviors Tools training Uncategorized Virtual Trust Viruses / Worms vulnerability assessment Vulnerability Commentary Vulnerability Disclosure Wireless Wireless Client Wireless Discussion Wireless Security Wireless Vulnerability Discussion
Tag Archives: Phishing
Save The Whales
March 25, 2008 – 6:00 am
–
By now we all familiar with Phishing, which is the attempt to extract valuable information from an unsuspecting user via some form of social engineering which is usually done via E-Mail but can also be done via telephone (called Vishing.)
In the case of an individual, the target is usually…
SecList.org and GoDaddy.com
January 26, 2007 – 7:11 am
–
Wired reports that godaddy.com shut down seclists.org because Fydor’s site hosted a file that contained myspace user names and passwords that were phished.
There are many comments regarding the fact that godaddy.com’s behavior was inexcusable.
While mentioned on Wired, it is not…
Security Awareness - Not Education - is the Answer
December 5, 2006 – 7:32 pm
–
Security awareness and security education are two different things.
In my mind, awareness is a “lighter” version of education. To be educated means one has a deep understanding of something and acts upon that understanding. Awareness, or to be made aware of something, means that one…
Reducing Online Fraud: A Banking Case
December 5, 2006 – 8:32 am
–
A bank in Australia is using its back-end to reduce online fraud:
The new transaction monitoring system, supplied by the EMC-owned RSA Security, scans online activity in real time to track fraud indicators and generate a “risk score” for each transaction. Customers are then…
Attack Vectors Through the Pragmatic Use of Steganography