+1-888-690-2424
  • Capture of Alleged Malware Criminal Likely Will Do Nothing to Minimize Attacks

    The problem with enterprise security is that it's often confined to the periphery of an organization, when the widespread nature of the attack sphere has clearly demonstrated that it should be a central concern.

        in Authentication
    0
  • What is Spear Phishing?

    Recently, a form of identity theft known as spear phishing has been making headlines. While the method isn’t new, thieves are using it more and more to break into networks and steal data. Spear-phishing is a highly targeted, fraudulent attempt to enter into a network by gaining unauthorized access to secure information. The purpose of a spear-phishing attack is typically

        in Fraud, Identity Assurance
    0
  • Summarization of CRIME Attack on SSL

    I’ve written a few blogs on CRIME, but now that Juliano Rizzo and Thai Duong have presented CRIME at Ekoparty 2012, I thought a summary is due. CRIME is short for “Compression Ratio Info-Leak Made Easy.” In their presentation, Rizzo and Duong reminded us that HTTPS provides confidentiality, integrity and authenticity; however, CRIME decrypts portions of an HTTPS message, such

        in Secure Browsing, SSL
    0
  • Testing Your SSL Server for CRIME

    We still have to wait for later this week when Juliano Rizzo and Thai Duong will present their CRIME SSL/TLS attack at Ekoparty Security Conference. Regardless, we now know that the attack is based on the implementation of TLS compression or SPDY (pronounced “speedy”). CRIME uses the vulnerability that there is information leakage when data is compressed prior to encryption.

        in Secure Browsing, SSL, SSL Deployment
    0
  • Summarization of CRIME Attack on SSL

    I’ve written a few blogs on CRIME, but now that Juliano Rizzo and Thai Duong have presented CRIME at Ekoparty 2012, I thought a summary is due. CRIME is short for “Compression Ratio Info-Leak Made Easy.” In their presentation, Rizzo and Duong reminded us that HTTPS provides confidentiality, integrity and authenticity; however, CRIME decrypts portions of an HTTPS message, such

        in Secure Browsing, SSL
    0
  • Testing Your SSL Server for CRIME

    We still have to wait for later this week when Juliano Rizzo and Thai Duong will present their CRIME SSL/TLS attack at Ekoparty Security Conference. Regardless, we now know that the attack is based on the implementation of TLS compression or SPDY (pronounced “speedy”). CRIME uses the vulnerability that there is information leakage when data is compressed prior to encryption.

        in Secure Browsing, SSL, SSL Deployment
    0
Page 1 of 212