Adventures in Security

Finding and dealing with rogue employees, crack WEP in less than 60 seconds, rainbow table LM password cracking, a really naive 419 scam victim, and tips on interviewing insider suspects.

SOX Television, an inexpensive file encryption utility, and using TPM, Bitlocker, and Active Directory to secure laptop data.

Security enhancements in XP SP3, review of native data encryption, properly classifying security tests, Swiss move quantum cryptography into production, and DHS releases IT Security Essential Body of Knowledge.

Information Security is about protecting the data,desktop application virtualization and application streaming

Inexpensive lockable USB memory stick, risk management, large Web sites expose authentication tokens, phishing undercover, and attaining network-wide visibility.

Another government security foul-up, BlueFur Anti-phishing solution, Interpol security checklist, cracking a protected BIOS, and finding "hidden" data.

MOICE Office 2003 security plug-in, source routing infests IPv6, the continuing risk of removable storage, preparing for electronic evidence acquisition, preventing data leakage through swap and hibernation files.

Cisco NAC defaults create vulnerability, Vista may be no more secure than XP, Securing and initial processing of a crime scene.

Wireless RFID encryption, CarderIM, Banker Trojans, Cisco NAC vulnerabilities, data encryption, and NetBIOS challenges.

Losing the war with malware, Xbox support team is a hole in the dyke, College campuses are wide open, External pen tests, Software assurance, and Protecting your laptop from ad hoc wireless networks.

Bot driven spam, discretionary faxing, quantum leaps, Oracle security, 7 habits of effective security leaders, pros and cons of risk management

Vendor bullying, AV software evaluation, Fuzzing, new SPP issue, kernel malware, and data protection

Key carrying photons, VoIP vulnerabilities, outsourcing security, memory debugging, Exchange DST woes, and hypervisor-based virtual server security

Commentary on iPods as criminal tools, users are not stupid, AJAX vulnerability monitoring, dangers of pirated software, and Risk Management

Commentary on iPods in business, security as a process, and how some programming teams are stepping up to meet security challenges.

Customer Welfare vs. Vendor Public image, Establishing System Assurance, Cyber-espionage.

Examination of biometrics in general. Introduction of Keystroke Dynamics as a low impact biometric alternative.

The importance of choosing the right source for audit artifacts, and the growing threat of employee home PCs to the business enterprise

The importance of change management, the potential security risks when desperation enters the project lifecycle, how virtual floors can provide secure flexible business-to-business connectivity, and finally, a look at some ways to handle sensitive information once printed copied or faxed.

The vulnerabilities and safeguards associated with Application Denial of Service and Insecure Configuration Management