Reuters came out with an article yesterday talking about cybercrime on Facebook. Is anybody shocked by this? You've got millions of people using a service, many of whom have no idea about what not to do, disclose, etc. over the Internet. Of course there is going to be cybercrime, for the same reason pickpockets target crowded events, or bigger cities have more crime for that matter - it's a target-rich environment.
Most of the cybercrime on Facebook has to do with identity impersonation, spam, and the downloading of malicious software. Some are claiming that this is going to scare people away, businesses will stop using Facebook, and users will flee. Simply put - no, it's not. You know what else has crime - the Internet, and for that matter, planet Earth.
I think it is safe to say that Web 2.0 is becoming as important to the Internet as the Internet has become overall. Like everything else, it's imperfect and will take its bumps and scrapes, but the bottom line is - it's not going anywhere, because individuals and businesses using it are finding value.
On this episode of the Imperva Security Podcast, Paul Reymann, co-author of the Gramm-Leach-Bliley Act (GLBA), discusses GLBA, compliance, and security within the financial industry. He also touches on financial modernization, the convergence of NIST and ISO, and the risk management continuum.
Mr. Reymann is one of the nation's leading regulatory experts and co-author of Section 501 of the Gramm-Leach-Bliley Act Security rule. Fortune 500 companies have leveraged Mr. Reymann's subject matter expertise to develop successful go-to-market strategies for information security and technology products and services within key vertical markets.
He has more than twenty years' experience in the financial services industry, including thirteen years with the Department of Treasury's Office of Thrift Supervision (OTS) in Washington D.C. There he guided the regulatory agency's Technology Risk Management activities and authored several key regulatory directives and advisories on emerging risk management issues, including the industry's first regulatory directive on "Transactional Internet Banking."
In addition to the audio podcast on cyber security within industrial control system environments, SCADA, and NERC, the full transcript can be found here.
In addition to the audio podcast on drive-by-downloading, the full transcript can be found here. Additionally, you can read the drive-by-downloading definition.
- Command: The full path to the OS command
- Arguments: Arguments that should be passed to the Command.
- Working Dir: The location on the management computer where the OS command should run.
On this episode of the Imperva Security Podcast, Aviram Jenik, CEO of Imperva partner BeyondSecurity, talks about bringing together WAF, VA, and Black Box Testing. Aviram discusses several very interesting application security "stories from the trenches," and shares his perspectives on the evolution of application security.
For related information on this subject, listen to the podcast on WAF + VA with the CTO of WhiteHat Security, Jeremiah Grossman.
"... Probably intrigued by quotes stating that cyberattacks are inexpensive and easy to mount, he decided to join the war... Malicious tools are no longer available to the few. They are very common, can be reached by anyone and are very easy to use. The "for dummies" version of tools are available and ready... "
Last week, PCWorld told how similar tools are used in the recent Iranian conflict:
"On Monday, sites belonging to Iranian news agencies, President Mahmoud Ahmadinejad and Iran's supreme leader Ayatollah Ali Khamenei, were knocked off-line after activists opposed to the Iranian government posted tools designed to barrage these Web sites with traffic."

