Tucked away in the rolling hills just south of Lexington, KY is the farming community of Mt. Vernon, KY. Dennis Weiskircher, IT Manager and Security Officer at Citizens Bank www.citizensbankrb.comhere, has seen his share of Social Engineering scams.
"I find it surprising how many smaller banks are being targeted by...
It's About Protecting the Network Endpoints
Last week's announcement of yet another unencrypted laptop being stolen - this time it is retailer The Gap's recruiting vendor and its gaping lack of security (the vendor laptop was stolen with personal information of 800,000 applicants Gap Press Release ) opens another...
Detailed user-level auditing for your UNIX and Linux environment is essential to achieving business-critical goals like regulatory compliance (e.g., GLBA, SOX, PCI, etc.), protection against insider attacks, and the ability to troubleshoot and diagnose system availability issues.
Centrify's auditing, access control...
Have you sat down in front of your screen and tried to discover why it is taking forever to download or you've found while troubleshooting there's been something added to the numerous operations that your PC computes? It may turn out to be that the source of your PC's slowing is spyware, software that was installed on...
With consumers demanding 24/7 access to financial accounts and information, balancing customer desires for convenience with the need for solid protection is a difficult task. However, VeriSign Layered Security offers an effective option to serve both fronts. Learn how you can:
• Reduce complexity by integrating...
Financial institutions need intrusion detection systems that incorporate wireless
The biggest credit-card hacking incident in history exploited a weakness in wireless network security that could have easily been fixed. The lesson for financial institutions is to plug all such weaknesses before wrongdoers discover...
Financial institutions need intrusion detection systems that incorporate wireless
The biggest credit-card hacking incident in history exploited a weakness in wireless network security that could have easily been fixed. The lesson for financial institutions is to plug all such weaknesses before wrongdoers discover...
Securing the network against intrusion is more than complying with the Federal Financial Institutions Examination Council’s mandate for strong authentication—although it’s certainly that. It also makes good business sense. Financial institutions that implement information security technology and...
Secure Socket Layer (SSL) is a protocol developed by Netscape in 1996 which quickly became the method of choice for securing data transmissions across the Internet. SSL is an integral part of most web browsers and web servers and makes use of the public-and-private key encryption system developed by RSA.
In order...
In this guide you will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
We will also touch on the role of...
Security-naive machines are about to swarm onto your precious networks.
Brace yourself.
Brian McKenna is the editor of Infosecurity Today (www.infosecurity-magazine.com)
McKENNA: We know from surveying our readers that they are very focused on the medium term. In other words, what the security threats are going...
NIST Special Publication (SP) 800-56A, Recommendation for Pair-Wise Key
Establishment Schemes Using Discrete Logarithm Cryptography, is now
available . This document specifies key establishment schemes based on
standards developed by the Accredited Standards Committee (ASC) X9,
Inc.:
ANS X9.42 (Agreement of...
Draft FIPS 186-3 is the proposed revision of FIPS 186-2. The draft defines methods for digital signature generation that can be used for the protection of messages, and for the verification and validation of those digital signatures. Three techniques are allowed: DSA, RSA and ECDSA. This draft includes requirements...
Entities participating in the generation or verification of digital signatures depend on the authenticity of the process. This Recommendation specifies methods for obtaining the assurances necessary for valid digital signatures: assurance of domain parameter validity, assurance of public
key validity, assurances...
The use of mobile handheld devices within the workplace is expanding rapidly. These devices are no longer viewed as coveted gadgets for early technology adopters, but have instead become indispensable tools that offer competitive business advantages for the mobile workforce. While these devices provide productivity...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.
