Blog Posts Tagged with "Encryption"
August 02, 2012 Added by:Infosec Island Admin
ICS-CERT has notified the affected vendor of the report and has asked the vendor to confirm the vulnerability and identify mitigations. ICS-CERT is issuing this alert to provide early notice of the report and identify baseline mitigations for reducing risks to these and other cybersecurity attacks...
July 31, 2012 Added by:Nicholas Cifranic
Android app stores such as Google Play have little or no security implementation, so anyone with a developer account may publish applications. Although Google has been attempting to enforce more controls to detect malicious apps, hackers are still publishing malware disguised as popular applications...
July 22, 2012 Added by:Fergal Glynn
If most websites can’t get password storage right, you can bet they can’t get storage of the content you are trusting them with right either. The private documents that you stored with your favorite cloud service are probably not encrypted in a way that only your account can decrypt, if they’re encrypted at all...
July 17, 2012 Added by:Dale Rapp
Free wireless hot spots deliver a high-speed internet connection, but this convenient no hassle access to the internet comes with a lack of security. This doesn't mean you should avoid accessing a free wireless hot spot, it just means you need to be aware of how to protect your device when you do...
July 17, 2012 Added by:Bill Mathews
Cloud security is tough for a lot of reasons, not least of which is because you probably only understand the basics of what you interface with - the controls the provider allows you to see. This lack of depth of management introduces many security related challenges. Having said that, let’s explore...
July 16, 2012 Added by:Rafal Los
If we as IT professionals and architects acknowledge that the perimeter is now around the data, what solutions do we have for protecting it? How can we protect data which is mobile, usable, and in a constant state of danger? The answer seems to be some form of protection that involves our old friend, encryption...
July 16, 2012 Added by:Headlines
Former Pentagon analyst F. Michael Maloof warns that the Chinese government has backdoor access to as much as eighty-percent of the worlds telecom traffic, giving the regime access to sensitive communications made possible by equipment from two Chinese based telecom giants - Huawei Technologies and ZTE...
July 13, 2012 Added by:Marc Quibell
If Yahoo took "security very seriously" this probably may not have happened. This is obviously a fail in their IT Security practices, on many accounts, beginning with the SQL Injection attack used to compromise the server - yes, it only took one server to compromise for this to occur...
July 12, 2012 Added by:Fergal Glynn
The impact of Insecure Cryptographic Storage flaws when exploited is usually quite high due to the fact that the information that is usually encrypted are important things like personally identifiable information, trade secrets, healthcare records, personal information and credit card numbers...
July 12, 2012 Added by:Headlines
Just a month after LinkedIn experienced a significant security breach and caught flack for not "salting their hash", the revelation that the Yahoo! credentials were not even stored in an encrypted format should have everyone concerned about how seriously companies are taking the security of their users...
July 10, 2012 Added by:Pierluigi Paganini
Tor Project found a vulnerability in Cyberoam DPI where all share the same digital certificate and the private key is the same for every device. The implications are serious, as it could be possible to catch traffic from any user by extracting the key and importing it into other DPI devices for interception...
July 03, 2012 Added by:Nick Owen
Assuming that the anti-malware companies cannot keep malware off PCs, what can be done? Well, actually stronger authentication can be applied at certain points in the online banking process to reduce exposure. When people think of two-factor authentication, they typically mean session authentication...
July 01, 2012 Added by:Dale Rapp
A weak WPA2 passphrase could be hacked allowing an unauthorized person to use the wireless network. Even worse this unauthorized person could decrypt the communications revealing emails you send, web sites you visit, and passwords you use for access to websites...
July 01, 2012 Added by:Stacey Holleran
Small technology companies are finding themselves in a unique business situation as prospective clients increasingly request software applications and hosting solutions that can accommodate secure mobile payment transactions, bringing these technology companies to the forefront as “merchant service providers”...
June 28, 2012 Added by:Robert Siciliano
Today, with criminal hackers as sophisticated as ever, if you are using an open unsecured network on your mobile device, you risk exposing your data. There are many ways for hackers to see who’s connected on a wireless connection, and to gain access to your information...
June 27, 2012 Added by:Headlines
"RSA has received many inquiries, press pickups, blog entries, and tweets regarding an alleged crack by researchers of the RSA SecurID 800 authenticator... an alarming claim and should rightly concern customers who have deployed the RSA SecurID 800 authenticator. The only problem is that it’s not true..."
Hacker to Release Symantec's PCAnywhere Sour... Jerry Shaw on 10-05-2015
PoS Malware Kits Rose in Underground in 2014... on 03-17-2015
New PCI Compliance Study... on 03-17-2015