Three-time Pwn2Own winner knocks hacking contest rules

.
0 comments

Three-time Pwn2Own winner knocks hacking contest rules


Three-time Pwn2Own winner knocks hacking contest rules

Posted: 28 Feb 2011 03:18 AM PST


Organizers of Pwn2Own on Sunday defended the hacking contest's rules after a three-time winner criticized the challenge for encouraging researchers to "weaponize" exploits.

Is VoIP too secure?

Posted: 28 Feb 2011 08:00 AM PST


It's hard to imagine, but roughly 10 years ago as VoIP was being rolled out corporate networkers were quite concerned about the security of VoIP. As we faced a move from voice going over a traditional (and, by the way, unencrypted) network, there was concern that VoIP would be much too easy to eavesdrop on - especially if it traversed the Internet.

I took the 642-524 SNAF Exam

Posted: 28 Feb 2011 01:09 AM PST


Last week I took the Securing Networks with ASA Foundation (642-524) exam and passed with a score of 954/1000. It has been 3 years since the last time I took a Cisco exam because I had to renew my CCNA/CCNP/CCSP certifications which were going to expire this coming March. The good thing about recertification is that you can pass any current 642-XXX professional level exam in order to renew ALL of your Professional Level certifications, no matter if the exam is related with security or routing and switching. Therefore by passing the 642-524 exam I have renewed both my CCNP and CCSP for 3 more years. This particular exam will be offered up to 4/8/11 and then will be replaced by the new 642-617 FIREWALL v1.0 exam.

I have noticed that the exam was more difficult from the past and that Cisco has taken measures for more accurate evaluation of the knowledge possessed by the exam takers. There were some "real world" scenarios in the exam which showed an ASDM Graphical User Interface which you could click on it and navigate inside the ASDM just like a real one. There were several questions related with each ASDM scenario, so you had to go inside the ASDM and see all the configuration screens and settings in order to answer that group of questions. You had to be very careful with that type of questions because there were tricks. You had to verify if some traffic flows were being inspected by an embedded AIP-SSM or CSC-SSM modules or if they were being limited by service policies. You also had to check the policy rules, NAT rules, security levels etc in order to accurately answer each question. Anyhow, it was time consuming but if you were focused and careful it was ok.

Anyway, I'm glad that my next Cisco exam recertification is after 3 years!!!

Hacker writes easy-to-use Mac Trojan

.
0 comments

Hacker writes easy-to-use Mac Trojan


Hacker writes easy-to-use Mac Trojan

Posted: 25 Feb 2011 05:30 AM PST


In a sign that hackers, like everyone else, are taking an interest in everything Apple, researchers at Sophos say they've spotted a new Trojan horse program written for the Mac.

China cleans up spam problem

Posted: 25 Feb 2011 05:28 AM PST


It's been a few years coming, but it looks like China may finally be getting a handle on its spam problem.

Apple invites bug researchers to scrutinize Lion OS

Posted: 25 Feb 2011 12:18 AM PST


Apple is offering security experts a copy of the developer preview of Mac OS X 10.7, aka Lion, and asking them for feedback.

Familiar faces, new names step up at Pwn2Own hacking contest

.
0 comments

Familiar faces, new names step up at Pwn2Own hacking contest


Familiar faces, new names step up at Pwn2Own hacking contest

Posted: 25 Feb 2011 03:16 AM PST


The Pwn2Own hacking competition returns next month with a record number of contestants looking to break Web browsers and smartphones.

HIPAA privacy actions seen as warning

Posted: 25 Feb 2011 02:11 AM PST


Two separate enforcement actions taken this week by the U.S. Department of Health and Human Services (HHS) for HIPAA privacy violations should serve as a warning to all health care entities, say privacy analysts.

US cybercrime complaints fell 10 percent last year

Posted: 24 Feb 2011 03:39 AM PST


The U.S. agency that tracks complaints of criminal activity on the Internet reported Thursday that fewer people complained about Internet fraud in 2010 than in the previous year.

Anonymous hacks church Web site during live interview

Posted: 24 Feb 2011 12:57 AM PST


The Anonymous collective today claimed credit for hacking the Web site of the controversial Westboro Baptist Church in Kansas.

Reasons trustworthy sites can no longer be trusted

Posted: 24 Feb 2011 12:03 AM PST


Last year, malware became increasingly more common on popular and trusted domains, according to research released this week by security firm Blue Coat Systems. Migration to popular hacked sites with trusted reputations and acceptable-use category ratings was the primary theme for hosting malware delivery infrastructure, researchers claim.

Four Ways to Mitigate Mobile and Cloud Data Leaks

Posted: 23 Feb 2011 10:13 PM PST


Your CEO may be paranoid about WikiLeaks, but his mobile device and cloud computing are the real threats to corporate security

Proposed cloud-log standard sparks controversy

Posted: 23 Feb 2011 10:06 PM PST


Cloud computing pushes current log management capabilities to their limit. Experts say it's time for a new standard to simplify the problem

Former Avaya chief D'Ambrosio takes reigns at Sears

Posted: 23 Feb 2011 10:50 PM PST


Long-time tech executive Lou D'Ambrosio has taken the helm at Sears Holdings Corp. with the goal of reversing the department store's downward financial trend and possibly boosting its online business. (Network World named D'Ambrosio one of the 50 Most Powerful People in Networking in 2006)