2010

Email Hacking Husband Faces Felony

December 30, 2010
Redspin
Main
1 Comment

OK. so, I can't resist commenting on this breaking news and I'm looking forward to seeing where it ends up. It has a little bit of everything in it - potential invasion of privacy, allegations of hacking, accusations of adultery,…

2010 Food Wiki Awards

December 30, 2010
Redspin
Main
0 Comments

It has been a long year, but the weeks on the road have paid gastronomic dividends. Gems uncovered, old standards revisited, experiments gone bad. Congratulations to this year's winners. Best Dish Fresh Trout Luncheon Special, Mac's Old House, Antioch CA…

Online Banking Security Awareness: Time for us to step up?

December 29, 2010
Redspin
Main
1 Comment

Year end is always a great time to reflect and assess resolutions, improvements and goals, which makes me think about major improvements banks and financial organizations have made towards security in the last year. Most companies are doing everything they…

Creating an Acceptable Domain-Wide Password Policy

December 29, 2010
Redspin
Main
1 Comment

Have a fresh Microsoft Windows 2003 or 2008 domain just deployed and don't know where to start? Inherited a potentially questionable domain and looking for some basic things to check? Already know what you're doing and want a sanity-check? Here…

Key to a Successful Information Security Program

Performing security assessments for our clients, not only brings us around the globe, but also provides a global view of effective security processes. Here are the key attributes we see in our clients that are successfully managing security risk: process,…

Lessons from the McDonald’s, Walgreens and other recent data breaches

December 27, 2010
Redspin
Breaches, Healthcare Security, HIPAA, Main
0 Comments

Designing an effective Information Security Program is a process that requires a thorough knowledge of your assets (what you're protecting) and the threat sources (the type of entity that might try to get it). Understanding these two factors is foundational…

“It’s time to get connected,” says David Blumenthal. But make sure your IT security is healthy!

HHS delivered an early Christmas present today with its announcement that registration for the Medicare and Medicaid electronic health record (EHR) system incentive programs opens on January 3rd. Blumenthal, head of the HHS Office of the National Coordinator for Health…

Garnet Hill Data Breach

December 22, 2010
Redspin
Breaches, Main
1 Comment

Garnet Hill data breach. Is this related to the McDonalds email provider breach? What "preferences" were stored about me?

L0phtCrack is back!

December 21, 2010
Redspin
Security Tools
0 Comments

L0phtCrack was one of the original and greatest hacking and auditing tools of the 90's, essentially creating the modern LM/NTLM password auditing landscape. L0pht Heavy Industries - the creators of the tool - were instrumental in raising awareness of both the ease of cracking passwords as well the obviousness of how poorly people choose passwords.

Information Security – Need-to-Share too much?

December 20, 2010
Redspin
Main
1 Comment

In the post-9/11 world, disparate government agencies took flack for their need-to-know data sharing policies. To improve intelligence efforts, a need-to-share policy was employed, ideally resulting in more efficient communication and flow of inter-agency information. A need-to-share policy, however, also…

IT Security Blog