Search
Pete Silva - Daily Dose of Pete
You are here: DevCentral > Weblogs

breaches

breaches

As they endeavor to secure their systems from malicious intrusion attempts, many companies face the same decision: whether to use a web application firewall (WAF) or an intrusion detection or prevention system (IDS/IPS).  But this notion that only one or the other is the solution is faulty.  Attacks occur at different layers of the OSI model and they often penetrate multiple layers of either the stack or the actual system infrastructure.  Attacks are also evolving—what once was only a network layer attack has shifted into a multi-layer network and application attack.  For example, malicious intruders may start with a network-based...

posted @ Wednesday, September 28, 2011 2:00 PM | Feedback (2)

Just when you were having all that fun running around the waterpark and playing those arcade games comes news that the card processing system of Vacationland Vendors Inc., a Wisconsin Dells firm that supplies arcade games and installs vending machines, was breached.  From the notice on their website, they say, ‘Vacationland Vendors recently discovered that an unauthorized person wrongfully accessed certain parts of the point of sales systems that Vacationland Vendors uses to process credit and debit transactions at the Wilderness Resorts.’  Up to 40,000 debit or credit cards that were used in the arcades any time between December 2008...

posted @ Wednesday, September 14, 2011 5:11 AM | Feedback (0)

Just kidding…partially.  Have you seen the latest 2011 Verizon Data Breach Investigations Report?  It is chock full of data about breaches, vulnerabilities, industry demographics, threats and all the other internet security terms that make the headlines.  It is an interesting view into cybercrime and like last year, there is also information and analysis from the US Secret Service, who arrested more than 1200 cybercrime suspects in 2010.  One very interesting note from the Executive Summary is that while the total number of records compromised has steadily gone down – ‘08: 361 million, ‘09: 144 million, ‘10: 4 million – the...

posted @ Wednesday, April 27, 2011 8:14 AM | Feedback (1)

Figured I’d write this now since many of you will be celebrating the holidays over the next couple weeks and who really wants to read a blog when you’re reveling with family and friends.  It’s been an interesting year for information security, and for me too.  I started the year with New Decade, Same Threats? and wondered if the 2010 predictions of: social media threats, smarter malware/botnets, using the cloud for crime, financial DDoS, rogue software, Mac and Mobile malware, more breaches and a whole host of others would come through.  And boy did they.  Social media was...

posted @ Wednesday, December 15, 2010 9:21 AM | Feedback (1)

Come one, come all!  Are you tired of using your own money for those big holiday purchases?  Are you wary of entering your own personal & financial information to get that special gift?  Would you rather spend a stress-free holiday season impersonating various folks?  Just in time for your holiday shopping, get your very own unlocked identity profile!!  Why go through the hassle of protecting your own information when you can just pretend you are someone else?  For a limited time we are offering everything you need to create your own shopping character – name, address, bank/credit card info –...

posted @ Thursday, November 04, 2010 1:28 PM | Feedback (3)

Watch how BIG-IP ASM v10.2 can prevent Cross-site request forgery.  Shlomi Narkolayev demonstrates how to accomplish a CSRF attack and then shows how BIG-IP ASM stops it in it's tracks. The configuration of CSRF protection is literally a checkbox. ps Technorati Tags: F5, infrastructure 2.0, integration, collaboration, standards, cloud connect, Pete Silva, F5, security, business, education, technology, application delivery, intercloud, cloud, context-aware, infrastructure 2.0, automation, web, internet, blog twitter: @psilvas

posted @ Thursday, April 29, 2010 11:55 PM | Feedback (0)

Intellectual Property is one of a company’s most precious assets and includes things like patents, inventions, designs, source code, trademarks, trade secrets and more.  These formulas, processes, practices and other inside information can differentiate your brand and give a competitive edge in the marketplace.  An often cited example is Coca-Cola’s formula or KFC’s 11 herbs and spices.  For technology companies it can be their software, hardware design, development process, roadmaps, patents and others pertinent to the company.  In F5’s case, we own the patent for Cookie Persistence technology and have had to lawfully protect that valuable intellectual property. A...

posted @ Tuesday, April 06, 2010 2:09 PM | Feedback (0)

Peter Silva of F5 sits down with IOActive's Dan Kaminsky. In this extremely informative and lively discussion, the Domain Name System is the topic. DNS infrastructure, DNS vulnerabilities including DNS Cache Poisoning, DNSSEC and what's happened since the discovery of the flaw are all discussed. In 3-10 minute segments. ps Technorati Tags: Pete Silva,F5,security,application security,network security, business, banks, education, economy, technology, blogging, blogs, social networking, webinar, video, partners

posted @ Tuesday, March 09, 2010 1:49 PM | Feedback (2)

Peter Silva of F5 continues his conversation with IOActive's Dan Kaminsky. Please see Part 1 for complete description. In this segment, Dan talks about the discovery of DNS Cache Poisoning, DNSSEC and the overall importance of DNS to the Internet. ps Technorati Tags: Pete Silva,F5,security,application security,network security, business, banks, education, economy, technology, blogging, blogs, social networking, webinar, video, partners

posted @ Tuesday, March 09, 2010 1:43 PM | Feedback (0)

Peter Silva of F5 finishes his chat with IOActive's Dan Kaminsky. Please see Part 1 for complete description. In this segment, DNSSEC conversation continues and Dan explains what's happened since his discovery of DNS Cache Poisoning vulnerability. And info on an upcoming DNSSEC Webinar. ps Technorati Tags: Pete Silva,F5,security,application security,network security, business, banks, education, economy, technology, blogging, blogs, social networking, webinar, video, partners

posted @ Tuesday, March 09, 2010 1:37 PM | Feedback (0)

Full breaches Archive

Links

  
Are you interested in:
Search DevCentral to get answers to your questions.

Blog Stats

Posts:285
Comments:98
Stories:0
Trackbacks:111
  

Tags

  

Post Categories

  Cloud Computing
  Security
  SSL VPN
  Information security
  pci
  PKI
  application attacks
  malware
  mitigation
  client security
  compliance
  notification laws
  social media
  social networks
  twitter
  facebook
  youtube
  digg
  peter silva
  social media stats
  ipv6
  ipv4
  2012
  context
  contextual aware
  user centric
  decision
  game show
  granular
  control
  identity
  cloud security
  virtualization
  sys-con
  cloud expo
  virtual
  glenn brunette
  sun microsystems
  Bruce Schneier
  Schneier on security
  research
  2009
  blog
  2010
  threat
  pci dss
  regulations
  espionage
  pentagon
  crown jewels
  tower of london
  health care
  banking
  prediction
  cybercrime
  cybercrime kits
  dyi
  dnssec
  dummies
  l0pht
  2600
  breach
  privacy
  breaches
  web security
  spam
  trojan
  gogrid
  blogger
  personal
  business
  H1N1 flu
  emergency preparedness
  disaster recovery
  network security
  oracle
  sso
  single sign on
  big-ip
  oracle access manager
  f5
  personal devices
  mobile devices
  mobile security
  windows
  microsoft
  windows 7
  desktop
  games
  gaming
  online games
  DDoS
  scams
  consolidation
  data center
  tech sector
  single purpose
  dedicated
  management
  access security
  policy enforcement
  utm
  processing power
  video
  audio
  multi-media
  dns
  webinar
  interview
  ioactive
  kaminsky
  dan kaminsky
  partner
  rsa
  xml
  splunk
  instructional
  in 5
  education
  training
  idc
  smart city
  smart grid
  infrastructure
  web 2.0
  standards
  inter-cloud
  interoperability
  application mobility
  peering
  confusion
  cloud confusion
  cloud survey
  edge gateway
  v10.1
  history
  words and meanings
  lists
  fun
  patent
  intellectual property
  trade secrets
  confucius
  cloudfucius
  series
  blog series
  a-z
  law
  constitution
  court
  fourth amendment
  gps
  government
  legal
  vmotion
  vmware
  case study
  interop
  v10.2
  database
  csrf
  asm
  adc
  arx
  data manager
  netapp
  storage
  WAN optimization
  application delivery
  optimization
  compression
  whitepaper
  statistics
  cloud research
  cloud stats
  LTM VE
  travel
  firepass
  encryption
  music
  humor
  uptime
  cloud outage
  SLA
  availability
  customer
  vmworld
  yankee group
  sports
  NFL
  performance
  acceleration
  peoplesoft
  rman
  recovery manager
  oow
  openworld
  replication
  integration
  apm
  wi-fi
  numbers
  firepass
  risk
  open source
  authentication
  smart card
  kerberos
  Business Challenges
  evidence
  SSL
  SSL offload
  NIST
  2048-bit
  certificate
  rss
  blog analytics
  web traffic
  e-cards
  hardware
  support
  diagnostics
  iHealth
  apple
  iPhone
  iPad
  iOS
  itunes
  smartphone
  v10.2.1
  citrix
  vdi
  parody
  satire
  entertainment
  andriod
  virus
  google
  mac
  comscore
  ID theft
  social security
  ssn
  synthetic ID theft
  credit report
  data privacy
  cyber threat
  reports
  50 ways
  2011
  trade show
  silva
  emc
  emc world
  ixia
  viprion
  ssl tps
  vCMP
  outtakes
  acting
  theatre
  tokens
  vpn
  remote access
  intrusion 2.0
  toys
  v11
  ajax
  SANS
  devcentral
  whitehat
  sentinel
  waf
  scanner
  grossman
  iApps
  wan op
  file virtualization
  hawaii
  emea
  ipexpo
  london
  UK
  human behavior
  risk managment
  tech center
  secure vault
  fips
  appliance mode
  copyright
  pearl harbor
  Dec 7
  punchbowl
  honolulu
  staffing
  jobs
  irules
  AppSec
  TradSec
  icsa
  v11.1
  community
  

Archives

  

82,243 Members in 102 Countries and Growing!

Join DevCentral Today!

About DevCentral

DevCentral has been a successful, thriving community for many years. We have always strived to bring you the best technical documentation, discussion forums, blogs, media and much more that we can.

So dive in, get familiar with DevCentral. We hope you like it, we hope it makes your job easier, and lets you get that much more power out of the community. To learn more, make sure to check out the Getting Started section. And if you have any problems, or think something could be easier to use, drop us a line to let us know.

Got It !

We've received your comment and transmitted it directly to DevCentral HQ.

Thanks for taking time to let us know what's on your mind. At DevCentral | Community Matters!

Get In Touch With Us

Have questions, suggestions or just want to get something off your chest?

Use our handy form below to Direct Connect with DevCentral Mission Control.

Send Us Feedback       or
Copyright 1996 - 2011 F5 Networks, Inc.

Powered by the DevCentral Crew  |  Privacy Statement   |  Terms Of Use  |  Code of Conduct

Page generated faster than you can blink!