Monthly Archives: March 2014
iRisk
iRisk, or the iRisk equation, is another quantitative analysis formula. Like most quantitative analysis models, you solve for the risk by calculating the threat and vulnerability, and lower the risk when mitigating or compensating controls are added. Here is where … Continue reading
Posted in Security Blog
Tagged 2014, fair, irisk, ISO 27001, ISO 27005, NIST 800-39, NIST 800-53, octave, quantitative, risk analysis
BCJs in an SSAE-16
I looked everywhere for this acronym that I found while processing a Type II SSAE-16. I guessed pretty close, but since someone helped me find it, you may have to google it one day and hopefully you will find that: … Continue reading
Botnet Command and Control
James Lyne explains some botnet command and control.
Posted in Security Blog
Tagged 2014, botnet, command and control, James Lyne, kali, sniffing, sophos, video tutorial
Visualize the World’s Biggest Data Breaches
Visit here to see an interactive version of the graphic below: http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
Posted in Security Blog
Tagged 2014, data breaches, infographic
HIPAA or HIPPA?
When professional publications, job postings, and health-related websites mess up the acronym for HIPAA, I get really ticked. I just bought this book, they just wrote out what HIPAA stands for and they still get the acronym wrong? What’s … Continue reading
Compliance’d
For the lols, I’m hopefully going to create more ridiculous meme-like pictures like this. P.S. I made this; if you see it somewhere else, they stole it from me.
Posted in Security Blog
Tagged 2014, compliance, lol, mission impossible, tom cruise
Edward Snowden on Ted: Here’s How to Take Back the Internet
Makes you think differently about this bottle top. Read it from the perspective of the normal person, read it from the perspective of Edward Snowden, then read it from the perspective of the NSA.
Posted in Security Blog
Tagged 2014, AOL, Apple, boundless informant, Edward Snowden, ethics, Facebook, Google, Microsoft, NSA, PalTalk, Patriot Act, PRISM, Skype, ted, Yahoo, youtube
The Internet of Things
The Internet of Things (IoT) is a concept of delivering Internet to almost anything that has a chip in it. Cool for the end user, but for the cybersecurity-minded person, an inevitable nightmare. In January, a refrigerator was … Continue reading
Posted in Security Blog
Tagged 2014, DDoS, home appliances, Internet of Things, Refrigerator
Bruce Schneier Facts
Bruce Schneier Fact #1: Bruce Schneier once killed a man using only linear cryptanalysis. Bruce Schneier Fact #2: Bruce Schneier once decrypted a box of AlphaBits. Bruce Schneier Fact #3: P = NP in Bruce Schneier’s very presence. Bruce Schneier … Continue reading
Posted in Security Blog
Tagged 2014, Bruce Schneier, Bruce Schneier Facts, lol
Schneier on Security: Terms of Service as a Security Threat
Bruce Schneier is a cybersecurity evangelist who is on his game. I’ve read his book Secrets and Lies: Digital Security in a Networked World and I highly recommend it. Keeping current on his blog and his writing definitely should be … Continue reading
Posted in Security Blog
Tagged 2014, article, Bruce Schneier, it's a trap!, terms of service