Search
Pete Silva - Daily Dose of Pete
You are here: DevCentral > Weblogs

threat

threat

1 if by land, 2 of by sea, 0 if by IP I know I’ve said this before but it sure seems like almost daily there is a security breach somewhere.  Over the years, the thought process has changed from prevent all attacks to, it is inevitable that we will be breached.  The massive number of attacks occurring daily makes it a statistical reality.  Now organizations are looking for the right solution (both technology and practice) to quickly detect a breach, stop it, identify what occurred and what data may have been compromised.  Over the last couple of days various entities...

posted @ Tuesday, January 17, 2012 1:59 PM | Feedback (3)

As they endeavor to secure their systems from malicious intrusion attempts, many companies face the same decision: whether to use a web application firewall (WAF) or an intrusion detection or prevention system (IDS/IPS).  But this notion that only one or the other is the solution is faulty.  Attacks occur at different layers of the OSI model and they often penetrate multiple layers of either the stack or the actual system infrastructure.  Attacks are also evolving—what once was only a network layer attack has shifted into a multi-layer network and application attack.  For example, malicious intruders may start with a network-based...

posted @ Wednesday, September 28, 2011 2:00 PM | Feedback (2)

Just when you were having all that fun running around the waterpark and playing those arcade games comes news that the card processing system of Vacationland Vendors Inc., a Wisconsin Dells firm that supplies arcade games and installs vending machines, was breached.  From the notice on their website, they say, ‘Vacationland Vendors recently discovered that an unauthorized person wrongfully accessed certain parts of the point of sales systems that Vacationland Vendors uses to process credit and debit transactions at the Wilderness Resorts.’  Up to 40,000 debit or credit cards that were used in the arcades any time between December 2008...

posted @ Wednesday, September 14, 2011 5:11 AM | Feedback (0)

A couple days ago, The SANS Institute announced the release of a major update (Version 3.0) to the 20 Critical Controls, a prioritized baseline of information security measures designed to provide continuous monitoring to better protect government and commercial computers and networks from cyber attacks.  The information security threat landscape is always changing, especially this year with the well publicized breaches.  The particular controls have been tested and provide an effective solution to defending against cyber-attacks.  The focus is critical technical areas than can help an organization prioritize efforts to protect against the most common and dangerous attacks.  Automating security...

posted @ Tuesday, August 23, 2011 5:31 AM | Feedback (0)

Botnets?  Old school.  Spam?  So yesterday.  Phishing?  Don’t even bother…well, on second thought.  Spaghetti hacking like spaghetti marketing, toss it and see what sticks, is giving way to specific development of code (or stealing other code) to breach a particular entity.  In the past few weeks, giants like Sony, Google, Citibank, Lockheed and others have fallen victim to serious intrusions.  The latest to be added to that list: The IMF – International Monetary Fund.  IMF is an international, intergovernmental organization which oversees the global financial system.  First created to help stabilize the global economic system, they oversee exchange rates and...

posted @ Tuesday, June 14, 2011 5:33 AM | Feedback (0)

Just kidding…partially.  Have you seen the latest 2011 Verizon Data Breach Investigations Report?  It is chock full of data about breaches, vulnerabilities, industry demographics, threats and all the other internet security terms that make the headlines.  It is an interesting view into cybercrime and like last year, there is also information and analysis from the US Secret Service, who arrested more than 1200 cybercrime suspects in 2010.  One very interesting note from the Executive Summary is that while the total number of records compromised has steadily gone down – ‘08: 361 million, ‘09: 144 million, ‘10: 4 million – the...

posted @ Wednesday, April 27, 2011 8:14 AM | Feedback (1)

The London Stock Exchange, Android phones and even the impenetrable Mac have all been malware targets recently.  If you’re connected to the internet, you are at risk.  It is no surprise that the crooks will go after whatever device people are using to conduct their life – mobile for example, along with trying to achieve that great financial heist….’if we can just get this one big score, then we can hang up our botnets and retire!’  Perhaps Homer Simpson said it best, ‘Ooh, Mama!  This is finally really happening.  After years of disappointment with get-rich-quick schemes, I know I'm gonna...

posted @ Wednesday, March 02, 2011 10:06 AM | Feedback (2)

Set the dial and rip it off – all the hits from the 70s, 80s, 90s and beyond – you’re listening to the K-Cloud.  We got The Puffy & Fluffy Show to get you going in the morning, Cumulous takes you through midday with lunchtime legion, Mist and Haze get you home with 5 o’clock funnies and drive-time traffic while Vapor billows overnight for all you insomniacs.  K-Cloud; Radio Everywhere. I came across this article which discusses Radio’s analogue to digital transition and it’s slow but eventual move to cloud computing.  How ‘Embracing cloud computing requires a complete rethinking of...

posted @ Wednesday, July 14, 2010 11:59 AM | Feedback (2)

CloudFucius checked out some In-flight WiFi this week while traveling to Seattle.  Alaska Air offers GoGo Inflight Internet on their 737 fleet flying the 48 contiguous for $4.95, but the service is free through July 2010.  An instruction card is located in the magazine pouch located in front of your seat and after the climb to 10,000 ft, you can connect with your WiFi enabled device.  The setup is simple: 1. Turn on WiFi; 2. Find ‘gogoinflight’ signal (which happens to be the only one found at 10,000 ft); 3. Launch browser and log in.  You do need to...

posted @ Thursday, June 10, 2010 1:56 PM | Feedback (1)

Watch how BIG-IP ASM v10.2 can prevent Cross-site request forgery.  Shlomi Narkolayev demonstrates how to accomplish a CSRF attack and then shows how BIG-IP ASM stops it in it's tracks. The configuration of CSRF protection is literally a checkbox. ps Technorati Tags: F5, infrastructure 2.0, integration, collaboration, standards, cloud connect, Pete Silva, F5, security, business, education, technology, application delivery, intercloud, cloud, context-aware, infrastructure 2.0, automation, web, internet, blog twitter: @psilvas

posted @ Thursday, April 29, 2010 11:55 PM | Feedback (0)

Full threat Archive

Links

  
Are you interested in:
Search DevCentral to get answers to your questions.

Blog Stats

Posts:285
Comments:98
Stories:0
Trackbacks:111
  

Tags

  

Post Categories

  Cloud Computing
  Security
  SSL VPN
  Information security
  pci
  PKI
  application attacks
  malware
  mitigation
  client security
  compliance
  notification laws
  social media
  social networks
  twitter
  facebook
  youtube
  digg
  peter silva
  social media stats
  ipv6
  ipv4
  2012
  context
  contextual aware
  user centric
  decision
  game show
  granular
  control
  identity
  cloud security
  virtualization
  sys-con
  cloud expo
  virtual
  glenn brunette
  sun microsystems
  Bruce Schneier
  Schneier on security
  research
  2009
  blog
  2010
  threat
  pci dss
  regulations
  espionage
  pentagon
  crown jewels
  tower of london
  health care
  banking
  prediction
  cybercrime
  cybercrime kits
  dyi
  dnssec
  dummies
  l0pht
  2600
  breach
  privacy
  breaches
  web security
  spam
  trojan
  gogrid
  blogger
  personal
  business
  H1N1 flu
  emergency preparedness
  disaster recovery
  network security
  oracle
  sso
  single sign on
  big-ip
  oracle access manager
  f5
  personal devices
  mobile devices
  mobile security
  windows
  microsoft
  windows 7
  desktop
  games
  gaming
  online games
  DDoS
  scams
  consolidation
  data center
  tech sector
  single purpose
  dedicated
  management
  access security
  policy enforcement
  utm
  processing power
  video
  audio
  multi-media
  dns
  webinar
  interview
  ioactive
  kaminsky
  dan kaminsky
  partner
  rsa
  xml
  splunk
  instructional
  in 5
  education
  training
  idc
  smart city
  smart grid
  infrastructure
  web 2.0
  standards
  inter-cloud
  interoperability
  application mobility
  peering
  confusion
  cloud confusion
  cloud survey
  edge gateway
  v10.1
  history
  words and meanings
  lists
  fun
  patent
  intellectual property
  trade secrets
  confucius
  cloudfucius
  series
  blog series
  a-z
  law
  constitution
  court
  fourth amendment
  gps
  government
  legal
  vmotion
  vmware
  case study
  interop
  v10.2
  database
  csrf
  asm
  adc
  arx
  data manager
  netapp
  storage
  WAN optimization
  application delivery
  optimization
  compression
  whitepaper
  statistics
  cloud research
  cloud stats
  LTM VE
  travel
  firepass
  encryption
  music
  humor
  uptime
  cloud outage
  SLA
  availability
  customer
  vmworld
  yankee group
  sports
  NFL
  performance
  acceleration
  peoplesoft
  rman
  recovery manager
  oow
  openworld
  replication
  integration
  apm
  wi-fi
  numbers
  firepass
  risk
  open source
  authentication
  smart card
  kerberos
  Business Challenges
  evidence
  SSL
  SSL offload
  NIST
  2048-bit
  certificate
  rss
  blog analytics
  web traffic
  e-cards
  hardware
  support
  diagnostics
  iHealth
  apple
  iPhone
  iPad
  iOS
  itunes
  smartphone
  v10.2.1
  citrix
  vdi
  parody
  satire
  entertainment
  andriod
  virus
  google
  mac
  comscore
  ID theft
  social security
  ssn
  synthetic ID theft
  credit report
  data privacy
  cyber threat
  reports
  50 ways
  2011
  trade show
  silva
  emc
  emc world
  ixia
  viprion
  ssl tps
  vCMP
  outtakes
  acting
  theatre
  tokens
  vpn
  remote access
  intrusion 2.0
  toys
  v11
  ajax
  SANS
  devcentral
  whitehat
  sentinel
  waf
  scanner
  grossman
  iApps
  wan op
  file virtualization
  hawaii
  emea
  ipexpo
  london
  UK
  human behavior
  risk managment
  tech center
  secure vault
  fips
  appliance mode
  copyright
  pearl harbor
  Dec 7
  punchbowl
  honolulu
  staffing
  jobs
  irules
  AppSec
  TradSec
  icsa
  v11.1
  community
  

Archives

  

82,243 Members in 102 Countries and Growing!

Join DevCentral Today!

About DevCentral

DevCentral has been a successful, thriving community for many years. We have always strived to bring you the best technical documentation, discussion forums, blogs, media and much more that we can.

So dive in, get familiar with DevCentral. We hope you like it, we hope it makes your job easier, and lets you get that much more power out of the community. To learn more, make sure to check out the Getting Started section. And if you have any problems, or think something could be easier to use, drop us a line to let us know.

Got It !

We've received your comment and transmitted it directly to DevCentral HQ.

Thanks for taking time to let us know what's on your mind. At DevCentral | Community Matters!

Get In Touch With Us

Have questions, suggestions or just want to get something off your chest?

Use our handy form below to Direct Connect with DevCentral Mission Control.

Send Us Feedback       or
Copyright 1996 - 2011 F5 Networks, Inc.

Powered by the DevCentral Crew  |  Privacy Statement   |  Terms Of Use  |  Code of Conduct

Page generated faster than you can blink!