no more cubes

Category: Security & Privacy

  • Why monitoring is hard

    (and why your vendor will only sell you tools, not solutions) Intro Monitoring infrastructure in a meaningful way is important to any IT operations, yet it is hard to realize. Many vendors adress this problem and promise a silver bullet.

  • DDoS attacks are getting easier

    Search CloudSecurity writes DDoS Attacks are becoming easier, cheaper, more frequent and more varied. Hybrid DDoS prevention emerges to counter variety of DDoS attacks. via DDoS attacks are getting easier to perform, leading to larger, more frequent, costly attacks against enterprises http://t.co/wxjExVHcIg — IEEE Cybersecurity (@ieeecybsi) February 2, 2015

  • Plenumstreffen Sicherheitsnetzwerk München

    Plenumstreffen 2015 Des Sicherheitsnetzwerkes München. Am 22. Januar traf sich das Plenum des Sicherheitsnetzwerkes München. Agenda der Veranstaltung, die von Peter Möhring, Leiter der Geschäftsstelle, und Dr Kathrin Jaenicke, geleitet wurde, beinhaltete im wesentlichen den Rückblick auf das vergangene Jahr wie auch die Perspektive auf das kommende Jahr.

  • XSS with a book.

    In Safari Books. https://twitter.com/fmavituna/status/555769470321688576

  • Virtual Crime in Numbers

    Süddeutsche Zeitung, Januar 10, 2015 “Sueddeutsche Zeitung” has an infographic on Internet related crimes. The numbers displayed are about services targeted by phishing, which is unsurprisingly lead by email, the number of malware circulating, monetary value of damages through criminal activity, most hacked passwords and finally origin of attacks.  Source for these numbers are quoted…

  • Top Influencers in Security

    Tripwire has a recommendation of Security Influencers to follow in 2015, along with their Twitter handle. While I second all of the recommendations, it is particularily notable that 3 out of these 15 names work – or have worked – for Akamai. These guys are @BillBrenner70, @gattaca and @JOSHCORMAN. Every individual on the list had…

  • CISSP

    Had this in my inbox yesterday:

  • Access Control Types

    Directive Deterrent Preventive Compensating Detective Corrective Recovery

  • EMail Protocols

    Privacy Enhanced Mail (PEM): Uses Data Encryption Standard (DES) in the Cipher Block Chaining (CBC) Mode. Secure Multipurpose Internet Mail Extension (S/MIME): Uses the user’s encryption algorithm with RC2, DES, and 3DES for confidentiality. Pretty Good Privacy (PGP): Uses the International Data Encryption Algorithm (IDEA) for encryption of bulk data.

  • Data Link Layer Protocols

    Synchronous data link control / SDLC: supports loop or hub go-ahead configuration used with bounded and unbounded media. High Level Data Link Control / HDLC: Provides an option for a 32bit checksum, maintains data integrity, and provides flow control. Link access procedure balanced / LAPB: Performs packet framing operations, using I-, S- and U-frames.