Smart Phone Security

/
A few years ago, there was not a lot of standardization across wireless devices. Differing operating systems, differing implementations of mobile Java, and even varying configurations among devices with the same operating system made it hard to write malicious code that ran on a wide array of devices, Girard said.

Ethical Vulnerability Disclosure

/
The debate on whether vulnerabilities should be disclosed to force a vendor to fix the problem in a reasonable period or kept covert until a fix has been implemented has been a big discussion in the Information Security field. Black Hats, White Hats and even Grey Hats have their opinions.

Taxonomy of Computer Security

/
Computer security is frequently associated with three core areas, which can be conveniently summarized by the acronym “CIA” standing for Confidentiality — Ensuring that information is not accessed by unauthorized persons; Integrity — Ensuring that information is not altered by unauthorized persons in a way that is not detectable by authorized users; Authentication — Ensuring that users are the persons they claim to be.

IT Security Audits: A Necessary Evil…

/
As I prepare to conduct my next IT security audit at a client’s…

iPad Security

/
Apple's new iPad is set to be released on April 3rd and SecurityOrb.com a Washington D.C.-based information security media company has looked beyond the hype into the possible security matters consumers should be concerned about.

(IN)SECURE Magazine Issue 26 released

/
(IN)SECURE Magazine is a freely available digital security magazine discussing…

Digital Forensic Acquisition

/
One of the key aspects of conducting digital forensics pertains with the proper collection and authentication of the evidence. If the evidence is not collected properly, there is a very good chance the results of the examination will be questioned. Following digital forensic best practices, we typically conduct our examination on copies, often referred to as "forensic images" of the original evidence.

Microsoft Office 2008 12.2.5 Update for Mac OS X

/
Microsoft has released security bulletin MS10-038. This security…

Information Security vs Information Privacy

/
Information technology conflicting with personal and information privacy has been a major topic in recent months keeping privacy organizations including the Washington D.C. based Electronic Privacy Information Center (EPIC) busy as the premiere privacy watchdog in the U.S. For example, recent issues such as Google asking the NSA for assistance in the investigation of a cyber-attack that occurred on its network.