An introduction to SOX compliance

Sarbanes Oxley Act also known as SOX was enacted in the year 2002 in the United States in response to various corporate scams. The objective of the enactment has been to protect the shareholders and the general public from accounting errors and fraudulent business practices. The Act is administered by the Securities Exchange Commission and is applicable to public companies.

Continue reading “An introduction to SOX compliance”

A list of major security breaches of 2009

As we begin a new year, I thought it would be a good time to reflect upon some major information security breaches of 2009.   The list of the organizations involved makes this list very  interesting. What makes this list even more interesting is the analysis of the  breach- which indicates that the incidents could have been averted by adopting some fundamental security best practices.

Continue reading “A list of major security breaches of 2009”

Responding to Authentication challenges in Online Banking

Traditional authentication mechanisms for online banking have been password and/or a one time password from a dedicated token. Variants or a combination of these two authentication types have been deployed by most banks across the globe. Increasingly these traditional customer authentication methods are being challenged and defeated. Continue reading “Responding to Authentication challenges in Online Banking”

Some Interesting Articles and News collated from the Web – December 9, 2009

  • 5 key security trends for the next decade Read more
  • AVG”s Internet security threats prediction for 2010 Read more
  • Free Wi-Fi network scanner for Windows Read more
  • WPA Cracker Offers Online Cloud Cracking Service Read more
  • Fake fingerprint fools biometric devices Read more
  • NeXpose Community Edition – Our First Look Read more
  • Top 10 infected sites from India Read more
  • Changes coming to the OWASP Top 10 in 2010 Read more
  • Using msfpayload and msfencode from Metasploit 3.3 to bypass anti-virus Read more
  • Freeware version of GFI EndPointSecurity Read more
  • Tutorial – Alternate Data Streams: The Forgotten Art of Information Hiding Read more
  • Bank didn’t notice ATM skimmer for a week Read more
  • 5 security threats to watch in 2010 Read more
  • Securing SQL server 2008 databases Read more
  • Nessus 4.2 Released! Read more
  • 10,000 mobile phones a month left in taxis Read more
  • Cloud security service looks for malware Read more
  • Wireless network detector Kismet 2009-11-R1 released Read more
  • IBM to acquire database security start-up Read more
  • Sun, ATG unveils cloud-based desktop as a service Read more