Comparing compromises (VerIS Metric Framework)*
My friend Alex Hutton and the rest of the RISK Team at Verizon Business have done it again! This time rather than release a report about breaches however, they’ve release the Verizon Incident Sharing Metrics Framework ( VerIS for short ). All the awesomeness that went into creating the 2009 Verizon Breach Report is being shared with the incident response community so that we can compare apples to apples when it comes to compromises. Rather than each company capturing it’s own unique dataset and creating statistics in their own particular way, VerIS is a framework that allows companies …
Related Videos from Youtube
RSA 2010: Let's stop trying to prot...David Spark here reporting for Tripwire at the 2010 RSA Conference in San Francisco. Before the show floor opened, I ran into Security bloggers Andrew Storms (@st0rmz) of nCircle, Benjamin Tomhave (@FalconsView) of The Falcon's View, and Martin McKeay (@McKeay) of the Network Security blog and podcast. Waiting for the show to actually start, I asked all three what they were looking for, and Storms began the conversation saying he was sick and tired of having a security conference where everyone talked about securing everything. Enough hype, said Storms, let's focus on what you truly need to protect. Tomhave agreed but added that while he was happy to see lots of point solutions, he would like to see them more integrated within the enterprise. And McKeay is eager to find simpler solutions for PCI compliance that don't actually require you to know anything about PCI compliance. When I asked them about Tripwire, they throw out their props for the solution, but being a point solution as they say, they're eager to see how Tripwire can play with others. Check out more of Tripwire's coverage from the 2010 RSA Conference in San Francisco. bit.ly
PCI Data Security Standards Rock...This short animated video provides an overview of the PCI Data Security Standard. This standard applies to any entity that stores, process or transmits cardholder data.
How-to Install PCI-E Graphics Card...This is a video Tutorial of How-to Install a ASUS EN9500GT 1GB / Nvidia 9500GT PCI-E Graphics Card into Desktop Computer. I also show how to setup Nvidia Settings in Ubuntu Linux 9.10 64bit Karmic Koala. Educational video from www.OSGUI.com Tech Show
NEJM Procedure: Primary PCI for Myo...Reperfusion therapy (mechanical or pharmacologic) is indicated for patients with chest pain consistent with a myocardial infarction with a duration of 12 hours or less in association with ST-segment elevation greater than 0.1 mV in two or more contiguous electrocardiographic leads or a new (or presumed new) left bundle-branch block. Primary PCI is preferred if a skilled interventional cardiologist and catheterization laboratory with surgical backup are available and if the procedure can be performed within 90 minutes after initial medical contact with the patient.
PCI Express x16 VGA Passthrough to...This is a video presentation on VGA passthrough to open source Xen-based Windows XP Home HVM Virtual Machine using Intel Desktop Board DQ45CB with Intel VT-d technology and nVidia Geforce 8400 GS PCI-E x16 graphics card. The open source Xen 3.5-unstable hypervisor source code and paravirt operations domain 0 kernel 2.6.31-rc6 are used. Visit my blog at teo-en-ming-aka-zhang-enming.blogspot.com The "not enough free resources" issue with VGA passthrough has been fixed. Please watch my latest video presentation here www.youtube.com Teo En Ming (Zhang Enming) Email: space.time.universe@gmail.com MSN: teoenming@hotmail.com Mobile Phone: +65-9648-9798 Street Address: Bedok Reservoir Road Country: Singapore
|
mckeay (Martin McKeay) : Just got done hearing a lot of the inside story of the Miraposa Botnet takedown from the folks at Panda. Now to nap before dinner.. Updated : 2010-07-30T22:57:53Z | Reply | View Tweet |
|
RafalLos (Rafal Los) : Trying to not get lost in the mass of freak humanity at #Defcon with @ChrisJohnRiley, @Mckeay and other random people I don't know ..... Updated : 2010-07-30T19:40:22Z | Reply | View Tweet |
|
subdriven (subdriven) : @mckeay Well, if ConFlu doesn't get you, Denny's probably will.. Updated : 2010-07-30T15:44:12Z | Reply | View Tweet |
|
|
mckeay (Martin McKeay) : @subdriven #Denny's service is much better today. Doesn't taste any better though... Updated : 2010-07-30T14:56:58Z | Reply | View Tweet |
|
|
subdriven (subdriven) : @mckeay Yeah, last time we went there it was like a 2 hour wait AT THE TABLE! Service sucked! G'luck.. Updated : 2010-07-30T14:49:37Z | Reply | View Tweet |
-
Network Security Blog � Are credit cards worth the risk?
[Security]It sounds like a simple question, doesn’t it? Is it worth it to your organization to take credit cards online, do the rewards outweigh the risks? If you’re a major retailer or service provider or even a minor player in the game, the answer’s probably a no brainer, you have to take credit cards online if you want to stay in business.
-
DNS FLAW - INTERVIEW With Dan Kaminsky Released..
[Security]Enjoy The Podcast...
-
The Good and Bad of Wordpress, Scribefire and Wireshark
[Security]As a security professional, I have a number of things I consider bad habits. One of these is that I let Firefox remember many of my passwords for me, at least when it comes to my low security sites. The lesson is that all too often, our passwords, user names and other sensitive information is flowing across the network unencrypted.
-
They grow up so quickly: Club Penguin
[Educational]All parents want their kids to grow up with all the advantages of technology, but most are very weary of the dangers of social networking sites. Here is a site that caters specifically for kids with lots of filters in place (obviously not foolproof, but they did their best). Let you kids play at this until they understand the rules of the game.
-
iPhone now the iBrick?
[Apple]How many of you have iPhone's you've installed one of the unlocking hacks on? Just in case you haven't already heard, don't install the 1.1.1 patch on the phone or it'll stop working, claiming you have an illegal SIM, no matter what SIM you put in.
