Presenting at the Next ISACA Ireland Meeting

The next ISACA Ireland chapter meeting will be held on the 3rd of February in Deloitte & Touche’s offices on Earlsfort Terrace.  I will be presenting to the meeting on why I founded the Irish Reporting and Information Security Service.  During the presentation I will provide a background into why I felt it necessary for […]

Upcoming IISF Meeting

The Irish Information Security Forum will be holding their next meeting at 15:00 on the 28th of January 2009 in Buswells Hotel, Molesworth Street, Dublin 2. The topic for the day is “Information Security: Can the Good Guys win?” and will be given by Professor Fred Piper. The meeting will close at 17:00 with the […]

Largest Breach Ever

Courtesy of Brian Krebs from the Washington Post, it appears that the largest ever breach of credit card data may have occurred.  It appears that a payment processor company in the United States, Heartland Payment Systems, discovered malware on their network that may have captured the credit and debit card details of over 100 million […]

Plane Security

At this stage you no doubt have heard about the miraculous emergency landing of the US Airways Flight 1549 in New York’s Hudson river.  Thanks to the skill, experience and bravery of the pilot and the crew, all 155 people on board managed to get out of the plane safely with relatively few injuries.  So what […]

Implementing ISO 27001 In A Windows Environment

One of the biggest projects I worked on last year was writing my first book.  The book is called “Implementing ISO 27001 in a Windows Environment”.  I wrote this book in response to the many questions clients have asked me on how best to put in place the various controls and goals outlined in the ISO 27001 […]

List of the TOP 25 Most Dangerous Programming Errors Released

Earlier today the List of the Top 25 Most Dangerous Programming Errors was released.  The list was compiled by a number of different organisations and coordinated by the SANS Institute.  Criminals are now moving from attacking the infrastructure layer to finding ways into systems by means of bugs in the applications sitting on […]

Technology Is Not The Silver Bullet

The raft of data breaches involving lost laptops and mobile devices that occurred last year, both in the government and private sector, led to a rash of organisations running out to encrypt these mobile devices.  While an effective tool in helping to secure data on mobile devices, encryption by itself is not a silver bullet […]

SSL Certificates Vulnerable to Attack

The computer security community is abuzz with the news announced today by a team of security researchers at the 25th Chaos Communication Congress in Berlin.  The researchers demonstrated how they were able to generate a fake Certificate Authority certificate, thereby allowing them to impersonate any secure website using SSL certificates. The research […]

Castlecops Website Shuts Down

Castlecops, the volunteer website set up to help fight against internet fraud and scams, has sadly closed its doors.  Despite being the target of many DDoS attacks, Castlecops managed to keep up and running and be a thorn in the side of cyber criminals.  However, it looks like the volunteer group has finally had to […]

December Edition of Security Watch Newsletter Now Available

The December 2008 edition of our sister publication, the Security Watch Newsletter, is now available online.  For those of you who do not subscribe to our newsletter, you may find it a useful read as we highlight issues and stories that may not be applicable to our Blog