Site Sponsor:
Ask the Expert
Have a question for our resident expert? Email your questions to Dan or post a comment to the blog.
Search this site
Entries from Realtime Community | Messaging and Web Security tagged with 'oauth'
Collective Response to OAuth Vulnerabilities is Model to Emulate
A protocol vulnerability was discovered in OAuth, an open authorization protocol (details here). The developer community kept the news out of the press while they worked on a solution. There some back story about Twitter-bashing for disabling OAuth services but...
Posted by Dan Sullivan on April 25, 2009 5:16 PM
Feed Subscription
If you use an RSS reader, you can subscribe to a feed of all future entries tagged 'oauth'. [What is this?]
Other Tags
Other tags used on this blog:
- 0 day (1)
- 2-factor authentication (1)
- 2008 Summer Olympics (1)
- access control (3)
- access controls (12)
- account sharing (1)
- Acer Aspire (1)
- ACLU (1)
- Active Management Technology (1)
- ActiveX (1)
- ActiveX vulnerability (1)
- ad blocking (1)
- Ad Words (1)
- adaptive design (1)
- AdBlock Plus (1)
- Adi Shamir (1)
- Adobe (2)
- Adobe Acrobat (1)
- Adobe Flash (1)
- Adobe Reader (1)
- adult content (1)
- adult sites (1)
- advertising (3)
- adware (6)
- AI (1)
- Air Force (2)
- air traffic control (1)
- AJAX (2)
- Ajax (6)
- Ajax security (3)
- Alienware (1)
- Altiris (3)
- Amazon (2)
- Amazon compute services (1)
- Amazon EC2 (1)
- Amazon S3 (4)
- Amazon Web Services (1)
- AMTSO (1)
- Amzaon EC2 (1)
- Amzon S3 (1)
- and Sun (1)
- Android (11)
- anit-malware (1)
- anit-virus (1)
- anonymizer (1)
- anonymizing data (1)
- anonymous browsing (1)
- anonymousizer (1)
- anti-forensic (1)
- anti-forensics (1)
- anti-Islamist (1)
- anti-malware (12)
- Anti-Malware Testing Standards Organization (1)
- anti-pharming (1)
- anti-phishing (14)
- anti-spam (8)
- anti-spyare (1)
- anti-spyware (5)
- anti-virus (53)
- anti-virus filtering (1)
- AOL (2)
- Apache (2)
- Apple (19)
- Apple Safari (1)
- appliance (1)
- applicaiton security (1)
- application backdoor (1)
- application development (4)
- application firewall (1)
- application firewalls (3)
- application security (35)
- Application security (1)
- application server security (1)
- application stack (1)
- application testing (4)
- application vulnerability (1)
- application vulnerability assessment (1)
- Arbor Networks (1)
- Aritficial intelligence (1)
- arrest (3)
- Ask (1)
- Ask.com (1)
- AskEraser (2)
- asset management (2)
- Asus (1)
- Asus eee (1)
- Asus Eee (6)
- Asus EEE (2)
- Asus Eee PC (3)
- AT&T (5)
- attack code (1)
- attackers (1)
- attacks (1)
- auction (2)
- audit (6)
- auditing (12)
- audits (1)
- authenticated email (1)
- authentication (11)
- authorization (5)
- AV (1)
- backup (7)
- backup and recovery (2)
- backups (1)
- badware (1)
- bandwidth (1)
- bank bailout (1)
- bank fraud (4)
- Bank fraud (1)
- Bank of America (1)
- Bank of New York Mellon (1)
- banking (2)
- Barack Obama (6)
- Barak Obama Blackberry smartphone mobile device security policy (1)
- Barracuda (1)
- bayesian filter (1)
- Bayesian filtering (1)
- BBC (1)
- BEA (1)
- BEA Weblogic (1)
- BearShare (1)
- behavior tracking (1)
- behavioral analysis (2)
- Beijing Olympics (1)
- best practices (8)
- BGP (2)
- Bhutto assassination (1)
- Biden (1)
- Bitlocker (1)
- BitLocker (3)
- Black Hat (3)
- Black Hats (1)
- black holes (1)
- Blackberry (3)
- blackberry (1)
- blacklist (2)
- Blacksberry (1)
- Blacksburg (1)
- blended threats (2)
- blocking (1)
- blog (2)
- blogs (1)
- Blue Coat (1)
- Bluethooth (1)
- Bluetooth (1)
- bonet (1)
- Boot and Nuke (1)
- boot n nuke (1)
- Border Gateway Protocol (2)
- border patrol (1)
- Boston Mass Transit Authority (1)
- bot (10)
- botnet (29)
- Botnet (1)
- botnets (22)
- bots (1)
- branding (1)
- brandjacking (1)
- Broadcom (1)
- brokerage accounts (1)
- brokerage firms (1)
- broswer (1)
- broswer security (2)
- browser (8)
- browser cache (1)
- browser extensions (2)
- browser interface (1)
- browser secuity (1)
- browser security (18)
- browser securtiy (1)
- browser sniffing (1)
- browser vulnerability (1)
- Bush (1)
- Bush administration (1)
- business alignment (1)
- business case for security (1)
- business computing (1)
- business continuity (1)
- business intelligence (1)
- cache poisoning (1)
- calendar (1)
- camera phone (1)
- campaign (1)
- campaigns (1)
- CAN Spam (1)
- Canada (1)
- captcha (1)
- CAPTCHA (1)
- career development (1)
- categorizing (1)
- cDc (1)
- cell phone (1)
- cell phones (1)
- cellphone (1)
- censorship (5)
- CERT (2)
- certification (1)
- CertifiedEmail (1)
- CES (1)
- change management (3)
- chaos (1)
- chat room (1)
- CheckPoint (2)
- child pornography (1)
- China (4)
- Chinese military (1)
- Chrome (2)
- CIO (1)
- Cisco (4)
- civil liberties (1)
- Clearwire (1)
- clickfraud (1)
- client security (3)
- Clinton (1)
- cloud computing (22)
- cloud security (4)
- CloudSQL (1)
- clustering (1)
- CMDB (1)
- cms (1)
- COBIT (6)
- code review (3)
- codecs (1)
- Colbert Report (1)
- collaboration (3)
- college (2)
- Comcast (2)
- Comcast net neutrality FCC (1)
- command and control (2)
- Common Cause (1)
- communication (1)
- complex event processing (1)
- complexity (3)
- compliance (33)
- compliance regulation (2)
- composting (1)
- compromised Web sites (2)
- computer crime (1)
- computer crime investigations (1)
- computer security (3)
- Computer Security Institute (1)
- computer survelliance (1)
- ComputerWorld (1)
- computing (1)
- computing services (1)
- Conficker (2)
- confidentiality (2)
- configuration (1)
- configuration management (2)
- consolidated security (1)
- constraint programming (1)
- constraint satisfaction (1)
- Consumer Electronics Show (1)
- content filter (5)
- content filtering (17)
- content filters (1)
- content management (2)
- content management system (3)
- control systems (1)
- copyright (4)
- copyright violation (2)
- copyrighted movies (1)
- copyrighted music (1)
- Core Security Technologies (1)
- Coreflood (1)
- counter-terrorism (1)
- counterfeit (1)
- counterintelligence (1)
- countermeasuer (1)
- countermeasures (2)
- Country Wide (1)
- Cox Communications (1)
- cracking (1)
- crawling (1)
- credit card (4)
- credit card fraud (7)
- credit card security (1)
- credit card theft (4)
- credit fraud (1)
- credit monitoring (3)
- credit reporting (1)
- crime (1)
- crimeware (3)
- critical infrastructure (2)
- critical patch (3)
- critical patch update (3)
- critical patch updates (1)
- cross site request forgery (1)
- cross site scripting (2)
- cross site scripting attacks (1)
- cross-doemain trust (1)
- cross-site scripting (2)
- cryptanalysis (1)
- cryptography (4)
- CSI (1)
- CSO (1)
- CSRF (3)
- CTIA (1)
- Cult of Dead Cow (1)
- customs (1)
- cyber attack (1)
- cyber attacks (1)
- cyber crime (1)
- cyber insurance (1)
- Cyber Monday (2)
- cyber-attack (2)
- cyber-security (1)
- cyberattack (4)
- cyberchat (1)
- cybercime (1)
- cybercrime (52)
- Cybercrime (2)
- cybereconomy (1)
- cybersecurity (14)
- cybersquatters (1)
- cybersquatting (1)
- cyberwar (2)
- cyberwarefare (1)
- cyberwarfare (6)
- cyptography (1)
- czar (1)
- Daily Show with John Stewart (1)
- Dan Kaminsky (1)
- DARPA (1)
- Darwin Awards (2)
- data breach (46)
- data breaches (2)
- data classification (3)
- data discovery (1)
- data inference (1)
- data integration (1)
- data leak (15)
- data leaks (11)
- data loss (19)
- data loss disclosure laws (1)
- data loss pervention (1)
- Data loss prevention (1)
- data loss prevention (88)
- data loss prevention disk wiping (1)
- data loss protection (5)
- data mart (1)
- data mining (2)
- data modeling (1)
- data privacy (1)
- data protection (1)
- data security (1)
- data standards (1)
- data warehouse (1)
- data warehousing (1)
- database (2)
- database administration (1)
- database auditing (2)
- database breach (1)
- database design (1)
- database encryption (2)
- database monitoring (4)
- database security (61)
- database vulnerabilitiy (1)
- database vulnerability (2)
- databasse security (1)
- David Blaine (1)
- DB2 (2)
- DBA (3)
- dban (1)
- DDOS (4)
- ddos (4)
- DDoS (2)
- dealing with evolving malware (1)
- debate (1)
- debit card theft (1)
- decryption (1)
- default passwords (1)
- DefCon (1)
- defense in depth (7)
- Dell (3)
- Democratic Party (1)
- Democratic primary (1)
- Democratic Primary (1)
- demographics (1)
- denial of service (8)
- denial of service attack (5)
- denial of service attacks (1)
- Department of Defense (4)
- Department of Homeland Security (1)
- Department of Justice (1)
- deregulation (1)
- dermatitis (1)
- design flaw (1)
- design flaws (1)
- desktop (3)
- desktop application security (1)
- desktop applications (4)
- desktop replacements (1)
- desktop search (2)
- developerWorks (1)
- development (1)
- development environment (1)
- development methodology (1)
- development tools (1)
- device security (1)
- DHS (4)
- Diebold (1)
- Diffie-Hellman (1)
- Digg (2)
- digital certificates (2)
- digital forensic (1)
- digital forensics (2)
- digital rights management (3)
- digital signatures (5)
- disgruntled employee (3)
- disk drive (1)
- disk encryption (1)
- disk recovery (1)
- disk scanning (1)
- distributed computing (1)
- distributed denial of service (1)
- DKIM (2)
- DLP (8)
- DNS (9)
- dns poisoning (1)
- DNS poisoning (2)
- DNS vulnerability (1)
- Do Not Track (1)
- DOC spam (1)
- document spam (1)
- DOD (1)
- DoJ (1)
- domain (1)
- domain hijacking (1)
- domain integrity (1)
- Domain Keys (1)
- Domain Keys Identified Mail (1)
- domain kiting (1)
- domain name system (1)
- domain registration (1)
- domain squatting (1)
- DomainKeys (2)
- DOS (2)
- DoS (2)
- Doubleclick (1)
- DoubleClick (1)
- drive by download (2)
- drive by downloads (5)
- drive-by downloads (3)
- drive-by malware (1)
- DRM (4)
- drunk texting (1)
- Dutch Shell (1)
- DVD (1)
- dynamic analyis (1)
- e-commerce (1)
- e-discovery (2)
- e-mail (1)
- e-voting (12)
- e-waste (1)
- Earth Day (1)
- Earthlink (1)
- eavesdropping (2)
- Ebay (1)
- eBay (4)
- eclipse (1)
- economic downturn (2)
- economics (1)
- economics of cybercrime (1)
- ediscovery (1)
- EEC (1)
- EEF (1)
- election (1)
- elections (2)
- electronic ballots (1)
- electronic voting (2)
- email (16)
- email abuse (1)
- email archiving (1)
- Email client (1)
- email discovery (1)
- email filter (1)
- email filters (1)
- email monitoring (1)
- email policy (1)
- email security (15)
- email spoofing (1)
- employee monitoring (2)
- encrypted e-mail (1)
- encryption (47)
- Encryption (1)
- encryption keys (1)
- end user education (1)
- end user secuity (1)
- end user security (1)
- end user training (2)
- endpoint encryption (1)
- endpoint security (1)
- energy consumption (1)
- enterprise infrastructure (1)
- EnterpriseDB (1)
- ESet (1)
- espionage (1)
- ETL (1)
- EU (4)
- European Commission (1)
- European Union (4)
- EV certificates (1)
- EV SSL (6)
- EV SSL certificates (1)
- Eve Online (1)
- event correlation (1)
- EverQuest (1)
- evolution (1)
- Exchange (1)
- executive management (2)
- eXo (1)
- expansion pack (1)
- Expedia (1)
- exploit (3)
- Express Scripts (1)
- Extended Validation SSL (1)
- extended validation SSL (1)
- Extended Validation SSL Certificates (2)
- extortion (1)
- F-Secure (1)
- FAA (1)
- Facebook (10)
- Fast Company (1)
- fast flux (1)
- fast-flux (1)
- FBI (1)
- FCC (6)
- FDIC (1)
- Federal Deposit Insurance Corporation (1)
- Federal Rules of Civil Procedures (1)
- federal security (1)
- Federal Trade Commission (1)
- feedback (1)
- FERC (1)
- file encryption (1)
- file sharing (6)
- Final Fantasy (1)
- financial services (2)
- fines (1)
- Finjan (1)
- FIrefox (1)
- Firefox (18)
- Firefox plugin (1)
- FirePhish (1)
- firewall (2)
- firewalls (5)
- fiscal stimulus (1)
- FISMA (1)
- Flash (3)
- flash drive (1)
- flash drives (1)
- foreign relations (1)
- forensic analysis (1)
- forensics (7)
- form grabber (1)
- Fortune 100 (1)
- Fortune 500 (1)
- fraud (33)
- free credit monitoring (1)
- free market (1)
- free WiFi (1)
- FreeBSD (1)
- FTC (1)
- ftp (1)
- full disk encryption (6)
- G Data (1)
- gaming (1)
- gaming assets (1)
- gaming inventory (1)
- GAO (2)
- GDI (1)
- GE (1)
- Geert Wilders (1)
- genetic engineering (1)
- Geogia (1)
- Georgia Tech (1)
- Germany (1)
- globalization (1)
- GMail (2)
- gmail (1)
- Gmail (10)
- Goggle phone (1)
- Goodmail Systems (1)
- google (1)
- Google (61)
- Google ads (1)
- Google Applications (2)
- Google Apps (10)
- Google apps (1)
- Google Apps Engine (1)
- Google Blogger (1)
- Google Books (1)
- Google Calendar (1)
- Google Chrome (2)
- Google Desktop (1)
- Google desktop (2)
- Google Docs (4)
- Google email (1)
- Google Gears (3)
- Google Goggles (2)
- Google Groups (2)
- Google mail (1)
- Google operating system (1)
- Google Pack (1)
- Google Phone (2)
- Google phone (10)
- Google Toolbar (1)
- Goolag (1)
- Governance (1)
- governance (4)
- Gphone (2)
- gPhone (1)
- Grand Prix (1)
- Great Britan (1)
- green bar (2)
- Greenborder (1)
- greenhouse gases (1)
- GroupWise (1)
- hack (3)
- hackers (1)
- hackikng (1)
- hacking (48)
- HAL (1)
- Hannaford (3)
- harassment (1)
- hard drives (1)
- hardware error (1)
- Harvard Business Review (1)
- hash functions (1)
- HD-DVD (2)
- health care records management (1)
- Heartland (1)
- Heather Mills (1)
- HerbalKing (1)
- hijacked (1)
- Hillary Clinton (4)
- HIPAA (1)
- Hitachi (1)
- hoax (1)
- holiday (1)
- Homeland Security (2)
- homeland security (1)
- honeypot (1)
- honeypots (1)
- honypots (1)
- host (1)
- host integrity (2)
- host intrusion prevention (2)
- host intrusion prevetions system (1)
- host security (1)
- hosted malware (1)
- hostile workplace (1)
- hotel security (1)
- housing and urban development (1)
- HP (2)
- HP Info Center (1)
- HPMini-Note PC (1)
- HTML (1)
- HTML Injection (1)
- HTML injection (1)
- HTTP (1)
- HUD (1)
- human factors (2)
- human resources (1)
- Hushmail (1)
- hypervisor (1)
- IBM (11)
- IBM DB2 (1)
- IBM Websphere Portal (1)
- ICANN (1)
- identity management (8)
- Identity theft (1)
- identity theft (45)
- IE (4)
- IE 7 (2)
- IE7 (1)
- IE8 (1)
- IEEE Computer (1)
- iFrame exploit (1)
- illegal downloading (2)
- illegal software (1)
- IM (4)
- image analysis (1)
- image spam (3)
- Imeem (1)
- incident management (2)
- incident response (4)
- Indiana Jones (1)
- industrial espionage (1)
- industry regulation (1)
- information classifictaion (1)
- information leaks (4)
- information security (8)
- information technology (2)
- information theft (1)
- infrastructure (1)
- infrastructure protection (1)
- ING (1)
- ING Direct (1)
- Injection attack (1)
- injection attack (4)
- injection attacks (2)
- insider abuse (10)
- insider attack (4)
- insider threat (3)
- insider trading (1)
- instant messaging (3)
- insurance (1)
- Intel (4)
- Intel Dual Core (1)
- intellectual property (9)
- intellectual property theft (1)
- intelligence (1)
- intelligence agency (1)
- intelligence gathering (1)
- Interent Explorer (1)
- interface design (1)
- Internet (4)
- Internet access (1)
- Internet Explorer (16)
- Internet Explorer 7 (1)
- Internet rumor (1)
- Internet security (1)
- intrusion detection (1)
- intrusion prevention (7)
- intrustion detection (1)
- intrustion prevention (1)
- IP address (1)
- IP reputation filter (1)
- IP spoofing (1)
- iPhone (15)
- iphone (3)
- iPhone 2.0 (1)
- iPod (2)
- IPOWER (1)
- IPS (4)
- IRC (1)
- Irish Potato Famine (1)
- IRS (3)
- ISO 27002 (1)
- ISO-17799 (1)
- ISP (14)
- Isreal (1)
- IT (2)
- IT budget (1)
- IT budgeting (1)
- IT infrastructure (1)
- IT management (2)
- IT security (1)
- IT services (1)
- IT spending (1)
- Italian Job 3 (1)
- Italy (1)
- ITIL (7)
- iTouch (4)
- iTunes (1)
- iTunes update (1)
- IXQuick (1)
- jail break (1)
- Japan (1)
- Java security (1)
- JavaFX (1)
- Javascript (7)
- JavaScript (1)
- JBoss (1)
- Jeremy Clarkson (1)
- John Mcain (1)
- John McCain (4)
- JScript (1)
- JSON (1)
- JSR 168 (1)
- Julius Baer Bank and Trust (1)
- Kaspersky (1)
- key management (2)
- keylogger (6)
- keyloggers (1)
- kiting (1)
- Kmart (1)
- Koobface (1)
- Kraken (1)
- kudzu (1)
- laptop (9)
- laptop security (5)
- laptop theft (5)
- Large Hadron Collider (1)
- least privilege (2)
- least privileges (1)
- legislation (3)
- Lending tree (1)
- Leopard (3)
- LHC (1)
- liability (2)
- Lieberman (2)
- Liferay (1)
- Limewire (2)
- LinkedIn (3)
- LinkedIn porn malware (1)
- Linux (14)
- Linux desktop (2)
- lock down (1)
- lock picking (1)
- locksmith (1)
- log analysis (2)
- log monitoring (1)
- lost laptop; stolen laptop; data loss protection; data leak; identity theft; Best Buy (1)
- Lotus Notes (1)
- Lotus Symphony (2)
- Mac (3)
- Mac OS (7)
- Mac OS X (11)
- mail delivery (1)
- malicious domains (1)
- malicious Web site (1)
- malicious Web sites (2)
- malware (138)
- Malware (3)
- malware detection (1)
- malware Trojans worms viruses defense in depth anti-virus anti-malware Mac OS X iPhone iTouch (1)
- man in the middle attack (3)
- man-in-the-middle attack (1)
- managed devices (1)
- managed security services (1)
- managing security budgets (1)
- market (1)
- mashup (1)
- mashups (1)
- Massachusetts (1)
- massacre (1)
- Mastercard (1)
- McAfee (15)
- McAfee Site Advisor (2)
- McAFee SiteAdvisor (1)
- McAfee SiteAdvisor (1)
- Mcain Palin (1)
- McCain (4)
- MD5 (1)
- Media Defender (1)
- MediaDefender (1)
- medical malpractice (1)
- merger (1)
- message digests (1)
- messaging (1)
- metadata (1)
- Metasploit (2)
- metrics (1)
- MI5 (2)
- MI6 (1)
- Micheal Jackson (1)
- Microsoft (61)
- Microsoft Access (1)
- Microsoft Data Engine 1.0 (1)
- Microsoft Exchange (1)
- Microsoft Host Integration Server (2)
- Microsoft Live (1)
- Microsoft Mobile (1)
- Microsoft Office (6)
- Microsoft Project (1)
- Microsoft security (2)
- Microsoft SQL Server 2000 Desktop Engine (1)
- Microsoft SQL Server 2005 Express Edition (1)
- Microsoft Sync Framework (1)
- Microsoft Threat Analysis and Modeling (1)
- Microsoft Threat Analysis and Modeling Tool (1)
- Microsoft Vista (1)
- Microsoft Windows (1)
- Microsoft Windows 2000 (1)
- Microsoft Word (1)
- Microsoft XP (1)
- midsized business (1)
- MiiVi.com (2)
- military network (1)
- mini notebook (1)
- mini-laptop (1)
- mismanagement (1)
- missle defense (1)
- MIT (1)
- MITM (1)
- Mitt Romney (1)
- MMS (1)
- mob (1)
- mobile (1)
- Mobile Armor (1)
- mobile banking (1)
- mobile computing (2)
- mobile device (1)
- mobile device security (6)
- mobile devices (6)
- mobile devices malware iPhone Blackberry Google Phone (1)
- mobile malware (1)
- mobile messaging services (1)
- mobile operating system (1)
- mobile phone (2)
- mobile phones (1)
- mobile security (4)
- mobile storage devices (1)
- money laundering (1)
- monitor (1)
- monitoring (9)
- Monster.com (1)
- Morris worm (1)
- mortgage lending (1)
- Motion Picture Association of America (2)
- Moziall Firefox (1)
- Mozilla (10)
- Mozilla Fireforx (1)
- Mozilla Firefox (2)
- MPAA (4)
- MPack (1)
- MS Exchange (1)
- MS Jet (1)
- MS SQL Server (1)
- MTV (1)
- multimedia messaging (1)
- multiplayer games (1)
- municipal WiFi (1)
- music download (1)
- music industry (1)
- music piracy (1)
- MySpace (4)
- MySQL (5)
- MySQL security (1)
- myth (1)
- NAC (1)
- NASA (1)
- national defense (1)
- national security (2)
- natural language processing (1)
- NeoSploit (1)
- Nessus (1)
- Net Neutrality (1)
- net neutrality (1)
- Netflix (1)
- network (1)
- network abuse (1)
- network access control (1)
- network access controls (1)
- network appliance (2)
- network engineering (1)
- network intrusion prevention (1)
- network monitoring (1)
- network protocols (1)
- network scanner (1)
- network security (64)
- network vulnerabilities (1)
- network vulnerability scanning (1)
- network worms (1)
- Nicholas Carr (1)
- nickle (1)
- Nigerian scam (1)
- NIST (1)
- NLP (1)
- Nmap (1)
- Novell (2)
- NPR (2)
- NSA (2)
- nuclear secrets (1)
- NV Labs (1)
- oauth (1)
- Obama (8)
- Obama administration (1)
- obfuscation (1)
- Office (1)
- office suite (1)
- Ohio (3)
- olap (1)
- OLAP (1)
- one time passwords (1)
- online (1)
- online activity tracking (1)
- online ads (1)
- online advertising (2)
- online applications (2)
- online banking (16)
- online desktop (1)
- online fraud (1)
- online gaming (6)
- online identity (1)
- online pornography (1)
- online security (1)
- online storage (1)
- online theft (2)
- open access (2)
- open source (3)
- Open Source Security Testing Methodologies Manual (1)
- OpenBSD (1)
- OpenDNS (5)
- OpenFlow (1)
- OpenID (5)
- OpenLaszlo (1)
- OpenOffice (3)
- OpenSocial (1)
- OpenSSH (1)
- OpenSSL (2)
- OpenSSL vulnerability (1)
- Opera (3)
- operatin g system (1)
- operating system (4)
- operating system development (1)
- operating system hardening (1)
- operating system market (1)
- operating system restore (1)
- operating system security (3)
- operating systems (1)
- Oracle (28)
- Oracle Data Vault (1)
- organizational management (1)
- OSSTMM (1)
- OTP (1)
- Outlokk (1)
- Outlook (1)
- outsourcing (1)
- OWASP (2)
- P2P (10)
- p2p (1)
- P2P networks (1)
- Pakistan (1)
- Palin (3)
- Palm (1)
- Palm Centrino (1)
- Palm OS (5)
- paper ballots (1)
- paper trail (2)
- parallel processing (1)
- Paralles (1)
- parental controls (1)
- passsword stealing (1)
- password (5)
- password crackers (1)
- password cracking (3)
- Password Hasher Firefox Extension (1)
- password management (1)
- password manager (1)
- password policy (1)
- Password Safe (1)
- password stealing (1)
- passwords (11)
- patch (13)
- patch management (19)
- Patch Tuesday (3)
- patching (23)
- patent (3)
- Payment Card Industry (1)
- Payment Card Industry Data Standards (1)
- PayPal (5)
- PC (1)
- PC security (4)
- PCI (5)
- PCI Data Security Standard (1)
- PCI Data Standards (1)
- PCI DSS (3)
- PDA (2)
- PDA security (1)
- PDF spam (2)
- peer-to-peer (1)
- Peer-to-Peer (1)
- penatration testing (1)
- penetration testing (3)
- Pennsylvannia primary (1)
- Pentagon (7)
- perimeter defenses (3)
- personal devices (1)
- personal financial services (1)
- personally identifiable information theft (1)
- Pew Internet & American Life (1)
- Pew Research (1)
- Pfizer (2)
- Phalanx (1)
- Phantom (1)
- pharming (4)
- phishing (80)
- Phishing (3)
- phisihing (1)
- PHP (3)
- PHP security (1)
- physical security (3)
- PII (1)
- piracy (4)
- PKI (1)
- planning and organizing (1)
- Playstation 3 (1)
- plug-ins (2)
- point of sale (1)
- Pointsec (1)
- policies (1)
- policies and procedures (1)
- policy (2)
- policy enforcement (3)
- Policy enforcement (1)
- policy frameworks (1)
- policy management (4)
- politics (1)
- polymorphic virus (1)
- pop-ups (2)
- porn (6)
- pornography (4)
- portal security (2)
- Portals (1)
- POS (1)
- Poste Italiane (1)
- Postini (2)
- potentially unwanted program (1)
- potentially unwanted programs (2)
- power grid (1)
- power saving (1)
- PowerPoint (1)
- Premier Election Solutions (1)
- Presidential campaign (1)
- presidential campaign (3)
- presidential candidates (3)
- presidential election (4)
- Presidential elections (1)
- primary election (1)
- privacy (40)
- Privacy (1)
- privacy directive (1)
- privacy directives (1)
- privacy legislation (1)
- privacy protection (1)
- PrivacyFinder.org (1)
- private investigation (1)
- privilege elevation (1)
- product evaluation (1)
- product selection (1)
- productivity (1)
- programming errors (1)
- project management (1)
- property rights (1)
- prosecution (1)
- public key cryptopgraphy (1)
- public policy (1)
- pump and dump (2)
- PUP (2)
- put options (1)
- Qualcomm (1)
- quality control (1)
- query interface (1)
- Radware (1)
- random js toolkit (1)
- randomness (1)
- ransomware (2)
- rash (1)
- RBN (1)
- Reader (1)
- recession (1)
- Reconnex (1)
- recording industry (2)
- recovery (3)
- regulation (4)
- regulation. Obama (1)
- regulations (1)
- Reh Hat (1)
- relational database (1)
- relational databases (1)
- remote access (4)
- remote access security (1)
- remote code execution (2)
- remote exploit (1)
- remote management (1)
- reporting (1)
- reputation (1)
- reputation management (1)
- requirements analysis (1)
- requirements management (1)
- resiliency (1)
- resiliency engineering (1)
- retail (1)
- retailer (1)
- reveneues (1)
- revolt (1)
- reward (1)
- RFID (4)
- Rhapsody (1)
- RIA (2)
- RIAA (6)
- rich internet application (1)
- rich internet applications (1)
- rich Web applications (1)
- Richard Clarke (1)
- Richard Stallman (1)
- risk (2)
- risk analysis (5)
- risk assessment (3)
- risk management (20)
- risk mitigation (3)
- Robert Alan Soloway (1)
- Rolls Royce (1)
- Ron Paul (2)
- root access (1)
- root kits (3)
- rooted (1)
- rootkit (1)
- rootkits (6)
- rotation of duties (3)
- rotation of dutities (1)
- RSA (4)
- RSA 2009 (1)
- Ruby (3)
- Ruby on Rails (3)
- Rudder (1)
- Russia (1)
- Russian Business Network (1)
- SaaS (3)
- Safari (6)
- SafeBoot (1)
- Salesforce.com (2)
- sampling (1)
- San Francisco (2)
- sand box (1)
- sandbox (1)
- SANS (1)
- SANS What Works (1)
- Sarah Palin (1)
- satellite (1)
- Scalia (1)
- scam (1)
- scareware (1)
- Scientific American (1)
- screen grabber (2)
- screen logger (1)
- script (1)
- script kiddie (2)
- scripting (1)
- search (2)
- search and siezure (1)
- search engine (1)
- search engines (1)
- Sears (1)
- Second Life (4)
- Secunia (1)
- Secure Computing (1)
- Secure mashups (1)
- secure programming practices (1)
- secure voting (1)
- SecureWorks (1)
- security (34)
- security appliance (1)
- security as a service (3)
- security audit (1)
- security awareness (11)
- security awareness training (2)
- security baseline (1)
- security best practices (3)
- security breach (1)
- security budget (2)
- security budgeting (1)
- security by obscurity (1)
- security domains (1)
- Security Exchange Commission (1)
- security hardware (1)
- security industry (1)
- security informaiton management (2)
- security information management (1)
- security investment (1)
- security management (114)
- security managment (2)
- security market (2)
- Security market (1)
- security methodologies (1)
- security metrics (1)
- security monitoring (1)
- security policies (9)
- security policy (14)
- security practices (2)
- security professionals (1)
- security reporting (1)
- Security research (1)
- security ROI (1)
- security testing (3)
- security threats (3)
- security training (7)
- security update (1)
- security vendors (5)
- security vulnerability (1)
- semi-managed devices (1)
- Sender Policy Framework (2)
- SenderID (1)
- sendmail (2)
- Sentrigo (1)
- separation of duties (2)
- server hardening (1)
- server management (1)
- server security (6)
- server vulnerability (1)
- servers (2)
- service management (1)
- service oriented architecture (1)
- sex scandal (1)
- shredding (1)
- signature base detection (1)
- signature-based analysis (1)
- Silverlight (2)
- SIM (1)
- simulation (1)
- single sign on (1)
- SIP (1)
- SitAdvisor (1)
- SiteAdvisor (1)
- skills (1)
- Skydrive (1)
- Skype (5)
- small and midsized business (1)
- small and midsized businesses (1)
- small business (1)
- small businesses (1)
- small mid-sized businesses (1)
- small midsized business (3)
- smartphone (10)
- smartphones (19)
- Smash (2)
- smb (1)
- SMB (8)
- SMM (1)
- SMS (3)
- Snort (1)
- SOA (1)
- sobriety tests (1)
- social engineering (26)
- social enterprise (1)
- social networking (8)
- society (1)
- sociological drivers (1)
- Société Générale (1)
- software as a servcies (1)
- software as a service (4)
- software as a services (1)
- software asset management (1)
- software design (1)
- software development (6)
- software development methodologies (3)
- software development methodology (1)
- software engineering (1)
- software life cycle (1)
- software life cycle management (1)
- software policy (1)
- software reliability (1)
- software security (1)
- Sony (1)
- Sophos (1)
- Souter (1)
- SouthPark (1)
- Spam (1)
- spam (60)
- spam filter (1)
- spam filtering (1)
- spam stimulus package porn adult film industry bankikng auto industry IRS (1)
- Spamassasin (1)
- Spamassassin (1)
- Spamhaus (2)
- spammers (2)
- spear phishing (1)
- SPF (2)
- spoofing (1)
- Sprint (1)
- spybot (1)
- spyware (19)
- spyware SpyBot Ad-Aware Mcafee Site Safe OpenDNS (1)
- SQL Injection (8)
- SQL injection (5)
- SQL injection attacks (1)
- sql injection scanner (1)
- SQL Server (5)
- SQL Server 2000 (1)
- SQL Server 2005 (1)
- SQL Server 7.0 (1)
- SQL Slammer (1)
- SQLNinja (1)
- SSH (1)
- SSL (5)
- stability issue (1)
- Star Office (1)
- state sponsored cybercrime (1)
- State Street (1)
- static analysis (2)
- statistical analysis (1)
- statistics (2)
- stealth update (1)
- Stephen Colbert (1)
- stimulus plan (1)
- stolen laptop (2)
- StopBadware (1)
- storage services (1)
- Storm (5)
- Storm bot (1)
- Storm worm (3)
- Sun (4)
- Sun Java System Portal (1)
- Sunbelt (1)
- Super Tuesday (1)
- supercomputing (1)
- superhackers (1)
- Supreme Court (1)
- SURBL (1)
- surveillance (7)
- survey (3)
- SUSE (1)
- Sylvania G Netbook (1)
- Symantec (12)
- Symbain (1)
- Symbian (4)
- Symbion (1)
- system administration (1)
- system resiliency (1)
- systems administration (1)
- systems complexity (1)
- systems reliability (1)
- T-Mobile (2)
- targeted attacks (1)
- taxes (1)
- TCP (6)
- technology (1)
- technology policy (1)
- telecommunications industry (2)
- telephony (1)
- telephony security (1)
- testing (4)
- testing methodology (1)
- testing standards (1)
- text messaging (1)
- text mining (1)
- The Economist (1)
- theft (1)
- ThinkFree (1)
- Thinkfree (1)
- threat analysis (2)
- threat assessment (1)
- threat management (1)
- threat modeling (1)
- threat modelying (1)
- threatening messages (1)
- threats (3)
- Thunderbird (1)
- Tiger (2)
- Time Warner Cable (1)
- timing attack (2)
- TJX (9)
- Tor (1)
- Torpig (1)
- TorrentFreak (1)
- tracking (1)
- training (3)
- transportation (1)
- Trend Micro (2)
- Treo (1)
- Tripwire (1)
- Trojan (17)
- trojan (1)
- Trojan horse (7)
- Trojan horses (3)
- Trojan Horses (1)
- Trojans (9)
- trust model (1)
- trustec computing paltform (1)
- trusted computing (3)
- Trusted Computing Platform (1)
- trusted computing platform (2)
- trusted path (1)
- trusted Web sites (1)
- Turing Test (1)
- Twitter (2)
- twitter (1)
- typosquatting (1)
- UAC (2)
- Ubuntu (6)
- UK (2)
- Ukraine (1)
- ultraportable (1)
- underground economy (1)
- unified communications (1)
- unified threat management (6)
- Unisys (1)
- university (1)
- unlock (2)
- unmanaged devices (2)
- unwanted content (1)
- update (1)
- URIBL (1)
- url blocking (1)
- URL filtering (1)
- URL redirect (1)
- US-Cert (1)
- usability (2)
- USB (1)
- USB flash drive (1)
- user authentication (1)
- user awareness (3)
- user training (2)
- utility computing (1)
- UTM (3)
- VA (2)
- Valentines Day spam (1)
- vandalism (1)
- VBScript (1)
- Verified Voting (1)
- Veritas (1)
- Verizon (4)
- Verizon Wireless (2)
- VerizonWireless (2)
- version control (1)
- Viacom (2)
- video (2)
- video conferencing (1)
- Virginia Tech (2)
- virtual criminology (1)
- virtual currency (1)
- virtual goods (1)
- virtual machine (1)
- virtual private database (2)
- virtual server (2)
- virtual server security (1)
- virtual servers (1)
- virtual theft (1)
- virtual world (1)
- virtual worlds (1)
- virtualizaiton (1)
- virtualization (13)
- virtualization security (1)
- virtualization sprawl (1)
- virus (18)
- Virus (1)
- viruses (4)
- virutalization (1)
- Visa (1)
- vishing (2)
- Vista (26)
- vitrualization (1)
- Viver (1)
- VMWare (4)
- VoIP (7)
- VoIP security (3)
- voter fraud (1)
- voter registration (1)
- voting (2)
- voting fraud (2)
- voting machines (3)
- voting security (1)
- VPD (2)
- VPN (2)
- vpn (1)
- vPro (2)
- VT (1)
- vulnerabilities (34)
- vulnerability (35)
- vulnerability assessment (12)
- vulnerability management (5)
- vulnerability scanner (1)
- vulnerability scanning (16)
- vulnerability testing (1)
- vunlernability scanning (1)
- W-Fi (1)
- Wabisabilabi (1)
- Wall St meltdown (1)
- war (1)
- warrantless wiretapping (1)
- weak encryption keys (1)
- weak keys (1)
- Web (1)
- Web 2.0 (15)
- Web 2.0 security (1)
- Web 2.0. (1)
- Web application (2)
- Web application security (19)
- web application security (4)
- Web browser (1)
- Web crawler (1)
- Web email (1)
- Web filtering (1)
- Web hacking (1)
- Web hosting (1)
- Web meeting (1)
- Web rediret (1)
- web security (1)
- Web security (10)
- Web server security (2)
- Web services (1)
- Web site (1)
- Web site attack (1)
- Web site defacement (1)
- Web site integrity (1)
- Web site security (8)
- Web sites (1)
- Web spoofing (1)
- Web surfing (1)
- WebLogic (1)
- WebOS (1)
- Website security (1)
- Website vulnerability (1)
- WEP (2)
- whistle blowing (1)
- white lists (1)
- whitespace (1)
- WhyFirefoxIsBlocked (1)
- whyfirefoxisblocked (1)
- wi-fi (1)
- Wi-Fi (1)
- WiFi (2)
- WiFi communications industry auto industry (1)
- WiFi security (3)
- wiki (1)
- WikiLeaks (1)
- Wikileaks (1)
- wikis (1)
- WiMax (2)
- Windows (16)
- Windows 7 (1)
- Windows administration (1)
- Windows Internal Database (1)
- Windows Live (1)
- Windows Mobile (3)
- Windows registry (1)
- Windows security (8)
- Windows Server 2003 (1)
- Windows Server Service (1)
- Windows Update (1)
- Windows Vista (6)
- Windows XP (3)
- Wired (1)
- wireless (5)
- wireless auction (1)
- wireless encryption (1)
- wireless network (1)
- wireless security (3)
- wiretapping (2)
- Wordpress (1)
- workflow (1)
- World Bank (1)
- World of Warcraft (3)
- worm (4)
- wormm SIS (1)
- worms (13)
- WoW (1)
- WPA (1)
- XACML (1)
- XDrive (1)
- Xen (1)
- XP (2)
- XSRF (2)
- XSS (5)
- Yahoo (6)
- Yahoo widgets (1)
- YouTube (7)
- Yugma (2)
- ZanghSearch (1)
- zero day (1)
- zero day vulnerability (2)
- zero-day attack (1)
- zero-day theats (3)
- zero-day vulnerability (1)
- Zimbra (1)
- Zoho (12)
- Zoho Meeting (1)
- zombie (1)
- zombies (2)
- Zonbu (2)