July 12, 2012 Added by:Fergal Glynn
The impact of Insecure Cryptographic Storage flaws when exploited is usually quite high due to the fact that the information that is usually encrypted are important things like personally identifiable information, trade secrets, healthcare records, personal information and credit card numbers...
July 12, 2012 Added by:Headlines
Just a month after LinkedIn experienced a significant security breach and caught flack for not "salting their hash", the revelation that the Yahoo! credentials were not even stored in an encrypted format should have everyone concerned about how seriously companies are taking the security of their users...
June 27, 2012 Added by:Headlines
"RSA has received many inquiries, press pickups, blog entries, and tweets regarding an alleged crack by researchers of the RSA SecurID 800 authenticator... an alarming claim and should rightly concern customers who have deployed the RSA SecurID 800 authenticator. The only problem is that it’s not true..."
June 25, 2012 Added by:Headlines
"[These products are] designed specifically to deal with the case where somebody gets physical access to it or takes control of a computer that has access to it... Here, if the malware is very smart, it can actually extract the keys out of the token.That's why it's dangerous"...
June 11, 2012 Added by:Ed Bellis
All of these breaches present a great opportunity to learn what does and doesn’t work in information security. But when we get responses like the one posted by Last.FM not only do we not learn anything, we don’t have any reason to believe they have either...
May 17, 2012 Added by:Bill Gerneglia
Algorithms have infiltrated every application and industry on the planet. They cover standard operational control methods such as linear programming, process control and optimization, simulation, queuing, critical path analysis, project management and quality control...
May 14, 2012 Added by:Ashley Furness
The increasing emergence of Bring Your Own Device (BYOD) policies has both good and bad implications. Here are four strategies your company should implement to keep data secure while supporting employees' choice to use their own laptops, smartphones and tablets in the workplace...
May 13, 2012 Added by:Jayson Wylie
There is a reason the security world refers to exploitation on the Internet to activity ‘in the wild’. A comparison can be made to the lawless, tough and unforgiving world of the Wild West in American history. You can get your stuffz or scalp taken...
May 08, 2012 Added by:Dan Dieterle
Of the 200,000 HTTPS websites tested, only about 10% are properly secured. Changes need to be made to the secure online transaction system. Several of the issues have already been addressed, sadly it seems that the appropriate measures to secure SSL have just not been taken...
May 02, 2012 Added by:Dan Dieterle
Iranian officials recently released claims that they have finished their reverse engineering of the downed US stealth drone and will begin to make a copy. The Iranians released information they say was encrypted flight and maintenance data from internal databases...
April 13, 2012 Added by:Patrick Oliver Graf
Network connections that communicate with machine-to-machine (M2M) management platforms are especially prone to attacks, in part because the M2M systems primarily communicate via Wi-Fi networks and 2 or 3G connections...
April 11, 2012 Added by:Rebecca Herold
Small to medium sized businesses have legal obligations to protect sensitive information, such as personally identifiable information. Here are some of the common long-held myths related to encryption misconceptions...
April 03, 2012 Added by:Kevin Doel
The idea is to choose phrase that you will be able to remember and a simple algorithm for converting it to a strong password. Even the best encryption systems are not going to protect your data if you use weak passwords and a hacker gains physical access to your mobile device...
March 25, 2012 Added by:Ben Rothke
PKI was and still is a powerful set of technologies. But it was a solution far ahead of its time. It was doomed by a lack of standards, interoperability issues, deployment complexities, and a level of complication that confounded even technologically competent end-users...
March 12, 2012 Added by:Electronic Frontier Foundation
The issue in the decryption cases is not whether the decrypted contents of the computer are testimonial. Instead, the issue in these cases is whether the ACT of decrypting information on the computer is testimonial. The answer to that question is that it depends...
March 06, 2012 Added by:Kelly Colgan
Portable and mobile storage devices are significant players in most corporate offices. Ensuring proper protection with a best practices policy and strict enforcement offers significant risk reduction—and can prevent long nights on data breach investigations...
Why Bother with Security? [If you’re going... Westley McDuffie on 12-12-2013
Are Security Professionals Exiting the Enter... Westley McDuffie on 12-12-2013
The Security Risks of Remote Support Tools ... Amanda Martin on 12-11-2013