CyberSecurity Idiots on

Articles, blogs, posts and links to resources for information security professionals and students.

SU is striving to provide our students with the highest quality information security educational available through our Information Security and Information Assurance Training and Certifications for IT Security Professionals Worldwide. GI Bill Approved Leading provider of CISSP Prep & Security+ Classes.

  • Home
    Home This is where you can find all the blog posts throughout the site.
  • Categories
    Categories Displays a list of categories from this blog.
  • Tags
    Tags Displays a list of tags that has been used in the blog.
  • Bloggers
    Bloggers Search for your favorite blogger from this site.
  • Login
Security University

Security University

A 20-year information security industry veteran, Sondra Schneider is the CEO of Security University, an Information Security & Assurance Certification and Training Company. For the past 19 years Sondra has been traveling around the world training network professionals to be network and security professionals. In 2006-2007 Sondra worked tirelessly to update the Security University 2000 AIS certifications (Advanced Information Security Cert) to the new performance based Q/ISP “hands-on” security certifications for the information & assurance community. The new “Qualified” Q/ISP certification, and related Q/EH, Q/SA-Q/PTL, Q/FE & Q/ND Certifications have been selected to be approved by the DoD 8570 proposal committee in early 2011.

Summary: The ISF Threat Horizon report, based on cyber security predictions through 2014, outlines three specific types of threats that we can expect to face in the next couple of years.

Traditional risk management is insufficient when it comes to dealing with newer cyberspace risks, according to a new report from the Information Security Forum, an international authority on information security.

Hits: 1209
Continue reading Comments

Professional Team Behind Creation of the Duqu Worm

IT security researchers this past week have shed new light on Duqu, a worm discovered last fall that is believed related to Stuxnet, the worm blamed for disabling in 2010 Iranian centrifuges used to enrich uranium that could be used in a nuclear weapon [see New Stuxnet-Like Worm Discovered].

Russian IT security researcher Igor Soumenkov, writing in a blog posted by Kaspersky Lab, characterizes the developers of Duqu as "a rather professional team of developers, which appear to be reusing older code written by top 'old school' developers."

Hits: 1629
Continue reading Comments

Tips to Help Prevent Malicious and Accidental Breaches

Increasingly, social engineers target insiders to plunder organizations' financial and intellectual assets. How can you prevent these and traditional inside attacks? Carnegie Mellon University's Dawn Cappelli offers tips.

 Cappelli, co-author of the new book The CERT Guide to Insider Threats, has studied insider crimes for over a decade. She sees the definition of "insider threat" evolving.

Hits: 1403
Continue reading Comments

How Mobile Can Curb Fraud

Posted by on in Uncategorized

Q&A with Randy Vanderhoof of the Smart Card Alliance

Payment card fraud remains a top concern for banks and credit unions. And Randy Vanderhoof, executive director of the Smart Card Alliance, says mobility can help address fraud incidents and losses.

One positive step: The movement toward more near-field communications. Mobile is the channel most banking institutions and retailers are riding as they coast along the NFC rails. In fact, Vanderhoof says support from Visa, MasterCard and Discover for card issuers and acquirers to rely on and accept more NFC and less magnetic-stripe will be a catalyst for mobile, which is increasingly being viewed as a more secure payments method.

Hits: 1354
Continue reading Comments

"Vishing" attacks increased by 52 percent in the second half of last year.

What if your caller ID showed an incoming call from your bank, but it was really from criminals posing as your bank? That's what's happening en masse, with a major surge in voice-call phishing, or vishing, attacks in the second half of 2011.

Hits: 1546
Continue reading Comments

New Verizon Data Breach Intelligence Report finds 58 percent of all data stolen was the result of hacktivist attacks -- but, overall, traditional cybercriminals executed the largest number of actual breaches.

Turns out the minority of attackers last year -- namely Anonymous -- wreaked the most damage when it came to data breaches worldwide, accounting for more than half of all compromised records, according to the newly published 2012 Verizon Data Breach Intelligence Report (DBIR).

Hits: 1090
Continue reading Comments
Subscribe to my blog posts by submitting your email
Follow on Feedspot
Sign up for our newsletter!

* required


Sign Up!
Careers Job One Day Jobs
Post a Job!
Find Us On Facebook
Follow Us on Twitter
Connect on LinkedIn