Blog Posts Tagged with "applications"
If Facial Recognition Creeps You Out, What You Can Do About It
August 24, 2012 Added by:Theresa Payton
Facebook’s software isn’t just about placing a name with a face. If you think about how people use the like button, connect to groups, connect to each other, a tagged photo gives additional context. Hackers would love to have this information about you...
Comments (1)
Why is a Password Manager Not Yet a Hot Selling App?
August 13, 2012 Added by:Gurudatt Shenoy
What is the solution to preventing security Armageddon if passwords are not going away soon and people are going to use the same password for all their accounts? I did find a solution for this couple of years back. It is called a password generator and will generate a unique password for storage and management...
Comments (5)
Smart Grid Security: Getting Better, But Needs Improvement
August 09, 2012 Added by:Brent Huston
There is still room for improvement in the smart grid space: Encryption versus encoding, modern development security, JTAG protection, input validation and the usual application security shortcomings that the web and other platforms are struggling with. Default passwords, crypto keys and configurations still abound...
Comments (0)
PA-DSS Validation Clarification
August 09, 2012 Added by:PCI Guru
The PA-DSS has a procedure that the PA-QSA can follow to determine that version changes have not affected cardholder data processing and the application’s PA-DSS validation. Without that validation, as a QSA, our hands are tied and we must conduct a full assessment of the application under the PCI DSS...
Comments (0)
EU Weighs in on Face Recognition Applications
July 29, 2012 Added by:Electronic Frontier Foundation
Face recognition in online applications is particularly problematic as personal data is sometimes used out of context by employers and law enforcement. Therefore, European privacy officials’ opinion recommending various practices for these applications could not have come at a better time...
Comments (0)
ICS-CERT: Windows XP Support End of Life
July 18, 2012 Added by:Infosec Island Admin
ICSCERT has identified three technology deployment areas to evaluate when considering the upcoming EOL of XP SP3 across ICS environments. Applications installed on Windows XP SP3 operating system builds on standard IT equipment, including engineering workstations, HMI servers, historian systems, etc...
Comments (0)
Shodan: There is Now an App for That
July 11, 2012 Added by:shawn merdinger
Since October, 2010, Shodan has consistently made waves in the information security world. Like any security tool, Shodan can be leveraged by both malicious attackers and legitimate security operations to gain insights into the public IP exposure of an organization. Now enters the Shodan App...
Comments (1)
Cloud Patch Management: Consistency and Automation
May 23, 2012 Added by:Rafal Los
If you've chosen wisely, you environments across your public and private clouds are consistent. The big question is - how do we keep our environments consistent in the face of security requirements to push patches? The answers rely very heavily on automation and policy...
Comments (0)
Firewalls: Stop Blocking by IP and Port
May 08, 2012 Added by:Phil Klassen
There has been some good discussions on firewalls, and the majority of the feedback is that firewalls are still an important part of the security infrastructure. However, I am surprised that the discussion revolves around legacy features and not those required to meet today's needs...
Comments (3)
An Enemies Application? Really?
April 20, 2012 Added by:Theresa Payton
We were all taught that if you can’t say anything nice, don’t say anything at all. So imagine our surprise when we found out that there is a free app on Facebook you can publicly name your enemies and give shout outs online as to who they are and why. This is not a good idea..
Comments (0)
Understanding Cloud Security Part One
March 11, 2012 Added by:Neira Jones
The cloud provides an opportunity to re-architect older applications and infrastructure to meet or exceed modern security requirements. At other times, the risk of moving sensitive data and applications to an emerging infrastructure might exceed tolerance levels...
Comments (0)
A Checklist for a Move to the Cloud
February 26, 2012 Added by:Ben Kepes
There’s s flip side to technology democratization in that the high level of accessibility also means that it’s very easy for organizations to set themselves up as vendors – sometimes without the necessary level of professionalism that would be optimal...
Comments (0)
Application Software and Security: A Tale of Two Market Sizes
February 19, 2012 Added by:Fergal Glynn
We spend 0.3% of what we pay for software on ensuring that it is secure. Now you can argue that manual testing is not included. However, even when you account for this variance, the gap in what we spend to buy software and what we spend to secure it is huge...
Comments (0)
That a Phone in Your Pocket or Are You Scanning My Network?
January 16, 2012 Added by:Malgorzata Skora
Smartphones have become much more powerful over the past few years. Combine this power with the right applications and you can scan a network from the inside in seconds, along with performing several other new types of attacks for information gathering...
Comments (1)
Nothing Funny About CallerIDFaker
December 29, 2011 Added by:Theresa Payton
Companies are coming up with new technologies to not only spoof your number but to also disguise your voice. This could be scary in the wrong hands. One product, CallerIdFaker, asks you to tape the call as it happens and then share it on their website. Are you laughing yet?
Comments (1)
The Cloud of Clouds: Amazon Web Services
November 22, 2011 Added by:Robert Siciliano
Security is paramount. Amazon states: “In order to provide end-to-end security and end-to-end privacy, AWS builds services in accordance with security best practices, provides appropriate security features in those services, and documents how to use those features..."
Comments (1)
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)
- Complimentary IT Security Resources [May 13, 2013]
- Steps Toward Weaponizing the Android Platform
- Mobile Security Processes Could Be Applied to Medical Devices: Bluebox
- The Emperor Is Naked!
- Infographic: Keeping Web Applications Safe
- Do You Have a Vendor Security Check List? You Should!