Search:

Items Tagged with "Encryption"


37d5f81e2277051bc17116221040d51c

Banks Should Promote EMV

September 04, 2012 Added by:Robert Siciliano

“EMV transactions require an authentic card validated either online by the issuer using a dynamic cryptogram or offline with the terminal... EMV transactions also create unique transaction data, so that any captured data cannot be used to execute new transactions...”

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

The Deep Web vs. Network Security Monitoring

August 31, 2012 Added by:Dan Dieterle

The “Deep Web”, Dark Web or hidden internet, is a massive collection of sites and databases that don’t show up in standard search engines. So, is this a place that you want ANYONE on your corporate network to visit? NO WAY. Though many use Tor for legitimate purposes, the deep web just isn’t that kind of place...

Comments  (2)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Key Management Errors in RuggedCom’s ROS

August 23, 2012 Added by:Infosec Island Admin

ICS-CERT is aware of a report of hard-coded RSA SSL private key within RuggedCom’s Rugged Operating System (ROS). The vulnerability with proof-of-concept (PoC) exploit code by security researcher Justin W. Clarke can be used to decrypt SSL traffic between an end user and a RuggedCom network device...

Comments  (0)

29fb4966bdfcfff5545ae464c771071b

Why is a Password Manager Not Yet a Hot Selling App?

August 13, 2012 Added by:Gurudatt Shenoy

What is the solution to preventing security Armageddon if passwords are not going away soon and people are going to use the same password for all their accounts? I did find a solution for this couple of years back. It is called a password generator and will generate a unique password for storage and management...

Comments  (5)

E313765e3bec84b2852c1c758f7244b6

Smart Grid Security: Getting Better, But Needs Improvement

August 09, 2012 Added by:Brent Huston

There is still room for improvement in the smart grid space: Encryption versus encoding, modern development security, JTAG protection, input validation and the usual application security shortcomings that the web and other platforms are struggling with. Default passwords, crypto keys and configurations still abound...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Kessler-Ellis Products Exploit POC

August 02, 2012 Added by:Infosec Island Admin

ICS-CERT has notified the affected vendor of the report and has asked the vendor to confirm the vulnerability and identify mitigations. ICS-CERT is issuing this alert to provide early notice of the report and identify baseline mitigations for reducing risks to these and other cybersecurity attacks...

Comments  (0)

942fc2242e6b54c078c5bb19c9fbf154

Five Security Tips for Android Phones and Tablets

July 31, 2012 Added by:Nicholas Cifranic

Android app stores such as Google Play have little or no security implementation, so anyone with a developer account may publish applications. Although Google has been attempting to enforce more controls to detect malicious apps, hackers are still publishing malware disguised as popular applications...

Comments  (0)

68b48711426f3b082ab24e5746a66b36

Between You and Me, This is Not Private...

July 22, 2012 Added by:Fergal Glynn

If most websites can’t get password storage right, you can bet they can’t get storage of the content you are trusting them with right either. The private documents that you stored with your favorite cloud service are probably not encrypted in a way that only your account can decrypt, if they’re encrypted at all...

Comments  (0)

964eef19f95b77a2606d36daf6deb25f

Security is Your Responsibility When Using Free Wi-Fi

July 17, 2012 Added by:Dale Rapp

Free wireless hot spots deliver a high-speed internet connection, but this convenient no hassle access to the internet comes with a lack of security. This doesn't mean you should avoid accessing a free wireless hot spot, it just means you need to be aware of how to protect your device when you do...

Comments  (0)

D03c28fd5a80c394905c980ee1ecdc88

Ten Things I’ve Learned About Cloud Security

July 17, 2012 Added by:Bill Mathews

Cloud security is tough for a lot of reasons, not least of which is because you probably only understand the basics of what you interface with - the controls the provider allows you to see. This lack of depth of management introduces many security related challenges. Having said that, let’s explore...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Data: The Final Frontier of the Collapsing Perimeter

July 16, 2012 Added by:Rafal Los

If we as IT professionals and architects acknowledge that the perimeter is now around the data, what solutions do we have for protecting it? How can we protect data which is mobile, usable, and in a constant state of danger? The answer seems to be some form of protection that involves our old friend, encryption...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

China Has Backdoor Access to Eighty-Percent of Communications

July 16, 2012 Added by:Headlines

Former Pentagon analyst F. Michael Maloof warns that the Chinese government has backdoor access to as much as eighty-percent of the worlds telecom traffic, giving the regime access to sensitive communications made possible by equipment from two Chinese based telecom giants - Huawei Technologies and ZTE...

Comments  (0)

94c7ac665bbf77879483b04272744424

Yahoo Voices Accounts Exposed and Available to the General Public

July 13, 2012 Added by:Marc Quibell

If Yahoo took "security very seriously" this probably may not have happened. This is obviously a fail in their IT Security practices, on many accounts, beginning with the SQL Injection attack used to compromise the server - yes, it only took one server to compromise for this to occur...

Comments  (0)

68b48711426f3b082ab24e5746a66b36

Insecure Cryptographic Storage Explained

July 12, 2012 Added by:Fergal Glynn

The impact of Insecure Cryptographic Storage flaws when exploited is usually quite high due to the fact that the information that is usually encrypted are important things like personally identifiable information, trade secrets, healthcare records, personal information and credit card numbers...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Yahoo!'s No Encryption Trumps LinkedIn's Unsalted Hash

July 12, 2012 Added by:Headlines

Just a month after LinkedIn experienced a significant security breach and caught flack for not "salting their hash", the revelation that the Yahoo! credentials were not even stored in an encrypted format should have everyone concerned about how seriously companies are taking the security of their users...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

NIST Guidelines for Securing Mobile Devices in the Enterprise

July 11, 2012

The purpose of this publication is to help organizations centrally manage and secure mobile devices against a variety of threats. This publication provides recommendations for selecting, implementing, and using centralized management technologies, and it explains the security concerns inherent in mobile device use...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »


Popular Topics
Access Control  Anonymous  Application Security  Attacks  Authentication  Best Practices  China  Cloud Computing  Cloud Security  Compliance  Cyber Crime  Cyber Security  Cyber Warfare  Cyberwar  Data Loss  Data Loss Prevention  Denial of Service  Employees  Encryption  Enterprise Security  Espionage  Exploits  FBI  Government  Hacking  Hacktivist  Headlines  ICS  ICS-CERT  Identity Theft  Industrial Control Systems  Information Security  Information Technology  Infosec  Infrastructure  Law Enforcement  Legal  Managed Services  Management  Military  Mobile Devices  National Security  Network Security  PCI DSS  Passwords  Penetration Testing  Policies and Procedures  Policy  Privacy  Regulation  Risk Management  SCADA  Security  Security Audits  Security Awareness  Security Strategies  Social Engineering  Social Media  Stuxnet  Tools  Training  Vulnerabilities  breach  breaches  fraud  hackers  internet  malware  report  vendors