Blog Posts Tagged with "Security"
When Security Requirements Conflict
April 06, 2011 Added by:Robb Reck
Next time an information security expert tells you that a system is secure ask him, “What kind of secure?” We know that choices are always made and vulnerabilities always left unmitigated. Knowing which ones to address and which to accept is what makes a security program effective...
Comments (0)
Search Engine Doesn’t Need Kid's Social Security Numbers
April 06, 2011 Added by:Robert Siciliano
Americans have become accustomed to handing over the last four digits of their SSN as an identifier. The coder or marketer at Google who believes it’s reasonable to request the last four digits of children’s SSNs probably readily shares his or her number, which is not a good idea...
Comments (0)
Wireless Security – Choosing the Best Wi-Fi Password
April 06, 2011 Added by:Dan Dieterle
WPA2 Enterprise is the best if your organization supports it, but WPA2 Personal is great for home and small offices. Do not use WEP. It was cracked a long time ago, and an attacker does not even have to crack it, as the WEP key can be passed just like NTLM passwords...
Comments (0)
Dr. InfoSec's Quotes of the Week (016)
April 01, 2011 Added by:Christophe Veltsos
Who said: "We've approached security layer by layer. I have one tool for Web access, another tool for network access, another tool for e-mail. And yet I can't answer the basic question: Am I secure?"...
Comments (0)
Hackers Are Second Biggest Threat to Airline Security
April 01, 2011 Added by:Headlines
"The next generation of cyber threats may directly affect aviation equipment, not simply stealing credit cards and denying travelers access to online booking sites. For the future, cyber-threats will be more diversified and take the form of multi-stage and multi-dimensional attacks..."
Comments (0)
F-Secure's April Fools Hack Article is No Joke
April 01, 2011 Added by:Headlines
F-Secure posted a nice April Fool's day article that was so subtle it slipped into several security news feeds unnoticed. While the article itself may be just a fun prank, readers would be wise not to let the sardonic wit overshadow the important message about password security...
Comments (0)
Creepy iPhone Application Invites Security Risks
March 31, 2011 Added by:Robert Siciliano
Situationist is an iPhone app that alerts members to each other’s proximity and gets them to interact in random situations. Members simply upload their photo and pick the situations they want to happen to them in the knowledge that they might then occur anywhere, and at any time...
Comments (0)
Ten Social Media Security Considerations
March 30, 2011 Added by:Robert Siciliano
Social media security issues involve identity theft, brand hijacking, privacy issues, online reputation management, and provides opportunities for criminals to “friend” their potential victims, creating a false sense of trust they can use against their victims through phishing or other scams...
Comments (0)
Banks Need You to Be Responsibly Secure
March 27, 2011 Added by:Robert Siciliano
It has become apparent that the conveniences of technology have outpaced consumers’ security intelligence. It is possible to secure systems in a way that will defeat most criminal activity, but that level of security comes with inconveniences that the consumer may not be equipped to handle...
Comments (0)
Software Security: Just What is the Meaning of Mature?
March 22, 2011 Added by:Rafal Los
When an organization's SSA Program is mature, they've minimized their spending (thus maximizing their efficiency), they're impacting their business in a minimal way, and have decreased latent IT-based risk to their business applications to an acceptable level...
Comments (0)
Privacy International Warns of Skype Security Concerns
March 18, 2011 Added by:Headlines
"If the company cannot address and resolve these issues for those who are seeking secure communications, then vulnerable users will continue to be exposed to avoidable risks. Skype's misleading security assurances continue to expose users around the world to unnecessary and dangerous risk..."
Comments (0)
Twitter Offers "Always Use HTTPS" Security Feature
March 17, 2011 Added by:Headlines
The new feature allows users the option to "Always Use HTTPS". Among other security benefits, the HTTPS feature will prevent users from having their login credentials stolen by Firesheep attackers when logging in to their accounts over unencrypted Wi-Fi connections...
Comments (0)
Three Things Good Security Processes Won’t Do
March 15, 2011 Added by:Brent Huston
While good security processes might help you generate metrics and real world threat insights that you can use to explain risk to your management, as the old saying goes, if they spend more on coffee than infosec, they will get hacked and they will deserve it...
Comments (0)
Top Ten Data Security Breaches
March 14, 2011 Added by:Headlines
The list covers data loss events from retail, corporate, and government entities. In most of the listed events, at some point the loss could have been prevented, making a periodic review of these breaches important for reminding everyone how easy it can be to make history for all the wrong reasons...
Comments (0)
Facebook Offers Firesheep Counter Measure
March 11, 2011 Added by:Headlines
Facebook has finally offered a resolution for a major privacy vulnerability that allows accounts to be hijacked by an application called Firesheep. Firesheep is a FireFox extension that can harvest login credentials when users access their accounts over unencrypted Wi-Fi networks...
Comments (0)
Zeus and SpyEye Botmasters Attack Security Sites
March 10, 2011 Added by:Headlines
"A series of discussions on an uber-exclusive Russian language forum that caters to identity and credit card thieves reveal that botmasters are becoming impatient in their search for a solution that puts Hüssy and/or his tracking services out of commission once and for all..."
Comments (0)
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)
- Complimentary IT Security Resources [May 13, 2013]
- Steps Toward Weaponizing the Android Platform
- Mobile Security Processes Could Be Applied to Medical Devices: Bluebox
- The Emperor Is Naked!
- Infographic: Keeping Web Applications Safe
- Do You Have a Vendor Security Check List? You Should!