ICSA Labs Security Testing Blog

Phone Hacking Scandal: Some Takeaways

Have you heard about the phone hacking scandal rocking the UK and the Rupert Murdoch empire? Even if you haven't, you might be surprised to learn that your cell phone may be susceptible to what amounts to voice mail caller ID spoofing. It’s perfect for those of you who have angry, jilted, ex-lovers (for example). Because Brian Krebs talks about how this caller ID spoofing is perpetrated in more detail on his blog, I won’t go into it here.

Whatever Happened to China?

Two years ago, ICSA Labs began publishing the Top 10 nations where spam originates. The weekly published chart compares last week’s leading spam-sending nations to those from the previous week. An accompanying graph compares trends for some of the top spam-sending nations over the most recent 6 months.

What’s the main IPv6 security issue in most networks?

There’s much evidence that World IPv6 Day was a success.  Whether it was or not, hopefully it's prompting people to think about transitioning their networks to IPv6.  So, what's the implication for your network's security?  Well, is IPv6 running in your network?  Are your network security devices configured to inspect IPv6 traffic, or are they even equipped to do so?  If you know the answers to these questions, then you probably don't need to cont

Have we really run out of IPv4 addresses?

There is a top-level worldwide administrator responsible for the overall pool of Internet addresses. This administrator is the Internet Assigned Numbers Authority (IANA), which hands out address blocks in Regional Internet Registries (RIR) – of which there are five.

Clickmania – An Internet Disease with a Cure

Will you succumb to Clickmania?? I define this horrible Internet disease as the uncontrollable need to “click” your mouse on every picture of a world disaster, Royal Wedding, Osama bin Laden, nuclear reactor explosion, or Hollywood star in trouble with the law today on Facebook or Twitter.  

Verizon Launches 2011 Data Breach Investigation Report – What Does It Mean for You?

On April 19, Verizon issued its much-anticipated 2011 Data Breach Investigations Report (DBIR).  This report has become the seminal report for the security community, and is eagerly awaited for each year. 

Some key takeaways from this year’s report:

3 Tips for Avoiding Malware at Home

Educating consumers on safe computing practices is a real passion of mine. In the video embedded below, I cover three of the most important tips for creating a safe computing environment at home. 

Announcing the First Products Certified Under ICSA Labs' EHR Program

ICSA Labs has expanded its offerings to include the testing of Health Information Technology (HIT) products. My name is Amit Trivedi, and I'm managing the health care program. While I'm new to ICSA Labs, I have been working in the health IT and security fields for many years - managing and auditing systems, developing criteria to test products, and advocating HIT standards and interoperability.

Dip in ICSA Labs’ Spam May be Due to Rustock Takedown

Several media outlets are reporting that the massive Rustock botnet, considered by many to be one of the world’s largest generators of spam, was taken down Wednesday, March 16 just before 11 AM EDT (3 PM GMT), resulting in a significant spam decrease.