From the card to the backend database, proximity card access systems contain a variety of components, all which are vulnerable to attack but have been rarely targeted. This demo-driven presentation explores and attacks each of the various components (RFID tags, controllers, and backend systems) of a popular deployment configuration.

To create bully-free classrooms, it’s necessary that we educate teachers, students and parents about the prevalence and consequences of it. We all believe a school should be a safe place for the children, a place where they can learn without fear or apprehension.

Pwnie Express delivers the bleeding-edge cyber security platforms and solutions required to meet this challenge.

Our initial hardware offering, the Pwn Plug, is the first-to-market commercial penetration testing drop box platform. This low-cost plug-and-play device is designed for remote security testing of corporate facilities, including branch offices and retail locations. A security professional or service provider can ship this device to a corporate facility and conduct a security test over the Internet without travel expenses. The Pwn Plug includes a full security auditing software suite and provides covert remote access over Ethernet, wireless, and 3G/GSM cell networks. In the mobile space, Pwnie Express has also developed the most comprehensive commercial security suite for the Nokia N900 mobile platform.

The FBI has issued a warning about the latest identify theft/bank swindling malware, called “Gameover”. The “Gameover” scam is initiated through a phishing scheme that sends fictitious e-mails to a bunch of users from the National Automated Clearing House Association (NACHA), the Federal Reserve Bank, or the Federal Deposit Insurance Corporation (FDIC). After opening the email and selecting the hyperlink, the user is forwarded to a phony website that automatically installs the Trojan without their knowledge or assistance, then eventual access to the victim’s bank account becomes accessible to the scammer.

As the holiday season steadily approaches, many individuals are planning to upgrade their current technology devices with the latest and greatest on the market. For example, individuals who currently possess an older iPhone such as the 3gs or iPhone 4 are eyeing the new iPhone 4s with the Siri feature. While android-based users have a tons of options to be excited about with the resent releases of the Nexus, RAZR and Galaxy smart phones totting the new Android 4.0 operating system titled Ice Cream sandwich. Then you have to take into consideration other tech gadgets and devices such as tablets, e-readers, netbooks, laptops and computers.

Phishing is defined as the practice of using fraudulent e-mails and fake duplications of legitimate websites to extract financial data from computer users for purposes of identity theft.

In part 1 of my guest post series for the FOSE Insights Blog, I talked about the importance of enterprise log management and the questions one should ask before implementing a log management solution. In this post, I’ll be covering the different types of log management solutions to help you determine the best one for [...]

Log management is the collection of self-generated data from IT hardware devices and software applications. The collection of this data can contain useful information about business processes such as the number of errors on a website or even a security issue that displays the number of failed attempts to access a perimeter router.

At one time, when you wanted to know something about someone you would use a search engine like Google or Yahoo, but that is not the case anymore. There are hundreds of websites with your personal information listed that will provide your information to someone for a fee and some even for free. Many people always ask, “How did my information get on this site?”, and I often state, “You put it there.” Maybe not directly, but through various online activities such as Facebook and Twitter updates as well as signing up to purchase items online. All of that information is eventually collected and stored in some company’s database.

Cyber-bullying uses the new forms of digital communication technologies to repeatedly harass others. A cyber-bully is someone who uses technology to harass, embarrass, intimidate, or stalk someone else.

The methods used can include emails, instant messaging, text-messages, digital photos and all other means of electronic communications.