Category: Security

I got my Sandisk 2GB U3 drive at Sitex 2006 @ SGD71. This is a real threat of U3 drives, check the hacks available here: http://www.hak5.org/wiki/USB_Hacksaw

Forbes reported, A recent news of data related to U.S underground nuclear weapon tests been leaked from Los Alamo Labs.

The threat of USB and other removable media is real and enterprises should be looking into solutions to protect those endpoints

Wow I need to get a U3 Thumbdrive !

A thumbdrive with 2 partition, 1 which emulate a CD/DVDrom device when plugged into your workstation.

Quoted from Wikipedia, “USB flash drives adhering to the U3 specification are termed “U3 smart drives” by U3.com. “U3 smart drives” differ from traditional USB flash drives because they come preinstalled with the U3 Launchpad, which emulates the Windows OS start menu, and controls program installation.”

Autorun ? Payload ? Malware ? endless ways to go right through your cleverly laid perimeter security.

http://www.hak5.org/wiki/USB_Hacksaw USB shall be seen as EVIL !

I have a problem which most of us are facing.

How many usernames and passwords are you keeping track of ? Or even the email address that you used to create that account with ? Admit it, most of us have more than 1 email address. 🙂
So how do you keep track of them ? Save into a spreadsheet ? Are they secured ? Most spreadsheets built-in protection are not good enough.

Continue reading “Secure your passwords, files, drives.”

Will companies use a system like ISMS to ensure that they are meeting with ISO17799, BS7799 compliance for Information Security ?

ISMS in short, Information Security Management System
ISMS, detailed documentation on controls, threats, vulnerabilities.

Any book to recommend or document templates samples for an inspiring Security Auditor ? :p