Webappsec->General
FBI on Bitcoin: Cybercrime, Opportunity and Digital Choice
May 11, 2012 Added by:Pierluigi Paganini
The real danger of digital money, above the vulnerabilities in its processes, is the inability of governments to exert control over finances, which could lead to a distortion of the main mechanisms of economic control and taxation, bringing total chaos to the market...
Comments (0)
Consumer Banking Security Products and Services
May 10, 2012 Added by:Robert Siciliano
All the conveniences of digital banking have its set of risks which requires upgrades in card technologies and authentication. In response banks have provided numerous methods for protecting your personal information and also making your banking experience more secure...
Comments (1)
Five Concerns Surrounding Pinterest
May 10, 2012 Added by:Allan Pratt, MBA
At the current time, there are no privacy or security settings similar to Facebook or Google Plus, and boards cannot be made private, similar to customized Facebook lists or customized Google Plus circles. The bottom line is that anyone with Internet access can view your boards...
Comments (3)
Webinar: Keeping Your Open Source Software Secure
May 09, 2012 Added by:Infosec Island Admin
Understand why collaboration is invaluable in keeping proprietary systems secure. Learn how to share private information in public forums without harming your organization. Identify what tools are available to your organization for collaboration, notification, and knowledge-sharing...
Comments (0)
What’s Going Right with Your Secure Development Efforts?
May 04, 2012 Added by:Fergal Glynn
Security professionals place developer’s code under a microscope and highlight each and every flaw, so you can appreciate why there may be some tension. Testing of code only offers assessments of what they did wrong. Can we apply a different lens while having this conversation?
Comments (0)
Try Application White Listing to Mitigate Malware
May 03, 2012 Added by:Paul Paget
Unless you run a network that has no Internet connection and a “no disks” policy, the only way to against malware is to employ application white listing, which protects the software that controls the behavior of your computers. If the software is not on the white list, it won’t run...
Comments (2)
Online Banking vs. Mobile Banking
May 03, 2012 Added by:Robert Siciliano
Mobile banking can offer additional security by enabling text-backs, as a second form of authentication. If you use your smartphone to access your bank’s website directly, it may recognize that you are using a mobile browser and automatically offer you a dedicated application...
Comments (1)
Applications Targeting Apple Products
May 03, 2012 Added by:Joel Harding
When I was told of a new mobile application distribution system which avoids Apple's scrutiny, my alarm antennas began quivering. Now combine this with who is doing it - Russian developers - and I get an even more dreadful feeling in the pit of my stomach...
Comments (0)
Advanced Methods of Bypassing Website Security
May 01, 2012
There are many methods of defense which admins use to block access to their sites or to the parts of the site's functionality. Among such methods there are use of CAPTCHAs and blocking by IP. But not all such methods are reliable enough, and there are ways to bypass them...
Comments (0)
Symantec Internet Security Threat Report Summary
May 01, 2012 Added by:Headlines
"In addition to the 81% surge in attacks, the number of unique malware variants also increased by 41% and the number of Web attacks blocked per day also increased dramatically, by 36%. Greater numbers of more widespread attacks employed advanced techniques..."
Comments (2)
Mobile Applications Shouldn’t Roll Their Own Security
May 01, 2012 Added by:Brent Huston
Many of the applications being designed are being done so by scrappy, product oriented developers. This is not a bad thing for innovation - in fact just the opposite - but it can be a bad thing for safety, privacy and security...
Comments (0)
Google as a Cyber Weapon: New Attack Method Discovered
April 30, 2012 Added by:Pierluigi Paganini
The lesson learned is that it is possible to use Google as a cyber weapon to lauch a powerful "Denial of Money" attack against other platforms. In reality, the service in this case hasn't been interrupted, but the attack has made it extremely expensive to run...
Comments (0)
Securing Enterprise Communications Systems and Applications
April 27, 2012
Javvad Malik caught up with Rahul Sasi at Black Hat Europe 2012 to learn about securing automated enterprise communications systems and applications against sophisticated hacking attack techniques. Javvad's coverage of Black Hat Europe courtesy of Infosec Island and NETpeas...
Comments (0)
AppSec Mistakes Companies Make and How to Fix Them
April 24, 2012 Added by:Fergal Glynn
We’re pleased to present responses from an array of security experts including Bill Brenner, Andrew Hay, Jack Daniel and Chris Wysopal. Common themes arose, including the idea of taking AppSec more seriously and committing to a programmatic approach vs. ad hoc manual testing...
Comments (0)
Reflections on Ten years of Software Security
April 21, 2012 Added by:Rafal Los
Given a finite amount of time to write a piece of software with specified features and functionality the security of that code will always take a back seat. At least for the time being.Let's face it, code breaks in strange ways that it's not always easy to understand...
Comments (0)
Adobe Releases Critical Updates Reader and Acrobat
April 12, 2012 Added by:Headlines
Adobe has released critical updates to address multiple vulnerabilities in Adobe Reader X (10.1.2) and earlier versions for Windows and Macintosh, Adobe Reader 9.4.6 and earlier versions for Linux, and Adobe Acrobat X (10.1.2) and earlier versions for Windows and Macintosh...
Comments (0)
- Five Things Your InfoSec Team Should Do in the Next 30 Days
- The Disclosure Debate Continues….. (part 1,453, 769) to be Continued
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)