Multiple Perspectives on Security

Security Journal


Top Stories

Ex-beauty queen-turned-inside trader Danielle Chiesi, the ex-lover of ex-IBM server chief and ex-CEO candidate Robert Moffat, was sentenced to 30 months in jail Wednesday, followed by two years' probation and 250 hours of community service. She pleaded guilty to three counts of conspiracy to commit securities fraud in January after her case was severed from that of her buddy, Galleon hedge fund founder Raj Rajaratnam, who was subsequently found guilty of 14 counts of securities fraud and conspiracy. Rajaratnam is expected to be sentenced to a very long time in the slammer in late September. Wiretaps of Chiesi and Rajaratnam trading inside information on companies like AMD and IBM were a high point of his trial. Her lawyers had asked for less than 27 months, arguing that she was the victim of a "toxic," psychologically manipulative sexual relationship with Mark Kurland, h... (more)

Adobe Sued After Buying EchoSign

On Monday Adobe said that it had acquired EchoSign, a start-up in the electronic signatures business. The price wasn't disclosed, but the outfit had raised at least $8.5 million from venture capitalists. Adobe said it was going to move the e-sign widgetry into its online document exchange services platform, which is used for document access, review and approval. It also said it would integrate it with its document services like SendNow for managed file transfer, FormsCentral for forms creation and CreatePDF for online PDF creation. The acquisition had EchoSign founder and CEO Jaso... (more)

The Development of a Perl-based Password Complexity Filter

If you watch the news regularly, it is easy to notice that in almost any given week some company seems to have experienced an electronic break-in or in some other way experienced a form of computer or network compromise. While computer security professionals can help to mitigate such risks via the proper configuration of firewalls, careful crafting of Access Control Lists, the application of updates, and the judicious application of file permissions, among other measures, it's important that one of the most fundamental ways of improving the security of a computer or network resour... (more)

Linux: Secure as a Brick

People who are familiar with me know that there are two things I’m not forgiving about. The first is backups, the second is security. If backups interest you, perhaps we can discuss them some other time. This time we’re going to discuss security. In the following article I’m going to outline some of the best practices I’ve learned over the years and help you “almost brick up, but not just yet” or “harden” your Linux server. While reading this article, however, I suggest also reading this article, as we both try to tackle the same issues. I believe both articles eventually... (more)

RDP Exploitation Using Cain

The Microsoft Remote Desktop Protocol (RDP) provides remote display and input capabilities over network connections for Windows-based applications running on a server. RDP is designed to support different types of network topologies and multiple LAN protocols. Remote Desktop Services, formerly known as Terminal Services on Windows 2000 Server, allows a server to host multiple, simultaneous client sessions. Remote Desktop uses Remote Desktop Services technology to allow a single session to run remotely. Thus a user can connect to a Remote Desktop Session Host server by using Remot... (more)