Items Tagged with "Security"
Majority of Web Apps Deployed with Security Flaws
April 26, 2011 Added by: Headlines
Veracode analyzed nearly five-thousand applications submitted to its cloud-based testing service over the period of eighteen months and found that more than half of the software had some sort of significant security flaw. “Software remains fundamentally flawed,” the report states...
PCI Security Compliance Q and A with Anton Chuvakin pt2
April 26, 2011 Added by: Anton Chuvakin
Perception of electronic and digital risks does not come naturally to people – and IT managers and directors are people too. So many organizations will severely underestimate computer risks and, sadly, some would pay with their very existence for this mistake...
PCI Security Compliance: Q and A with Anton Chuvakin
April 22, 2011 Added by: Anton Chuvakin
PCI DSS and other PCI standards were intended as a baseline set of security practices, not as a comprehensive, upper limit on security. For various reasons, it is hard for many organizations to understand that. What results is a false sense of security and a mistaken sense of betrayal...
The Rise of Smartphones and Related Security Issues
April 18, 2011 Added by: Robert Siciliano
As more and higher speed networks are built, more consumers will gravitate toward the mobile web. Smartphone users are downloading billions of apps and spending millions via mobile payments. For the younger generation, smartphones are used for a majority of ecommerce transactions...
Parallelized Data Mining Security
April 12, 2011 Added by: K.S. Abhiraj
Problems with protecting hosts from malicious code are understood. The problem posed by malicious hosts to entities and the environment is more complex. Since an entity is under the control of the executing host, the host can in principle do anything to the event and its code...
Twenty Percent of Online Fraud is “Friendly”
April 08, 2011 Added by: Robert Siciliano
Friendly fraud accounted for twenty percent of fraud affecting merchants. Friendly fraud is when a consumer purchases an item online, receives it, but claims they did not, then requests a refund or chargeback from the merchant or delivery of a duplicate item...
When Security Requirements Conflict
April 06, 2011 Added by: Robb Reck
Next time an information security expert tells you that a system is secure ask him, “What kind of secure?” We know that choices are always made and vulnerabilities always left unmitigated. Knowing which ones to address and which to accept is what makes a security program effective...
Search Engine Doesn’t Need Kid's Social Security Numbers
April 06, 2011 Added by: Robert Siciliano
Americans have become accustomed to handing over the last four digits of their SSN as an identifier. The coder or marketer at Google who believes it’s reasonable to request the last four digits of children’s SSNs probably readily shares his or her number, which is not a good idea...
Wireless Security – Choosing the Best Wi-Fi Password
April 06, 2011 Added by: Dan Dieterle
WPA2 Enterprise is the best if your organization supports it, but WPA2 Personal is great for home and small offices. Do not use WEP. It was cracked a long time ago, and an attacker does not even have to crack it, as the WEP key can be passed just like NTLM passwords...
Dr. InfoSec's Quotes of the Week (016)
April 01, 2011 Added by: Christophe Veltsos
Who said: "We've approached security layer by layer. I have one tool for Web access, another tool for network access, another tool for e-mail. And yet I can't answer the basic question: Am I secure?"...
Hackers Are Second Biggest Threat to Airline Security
April 01, 2011 Added by: Headlines
"The next generation of cyber threats may directly affect aviation equipment, not simply stealing credit cards and denying travelers access to online booking sites. For the future, cyber-threats will be more diversified and take the form of multi-stage and multi-dimensional attacks..."
F-Secure's April Fools Hack Article is No Joke
April 01, 2011 Added by: Headlines
F-Secure posted a nice April Fool's day article that was so subtle it slipped into several security news feeds unnoticed. While the article itself may be just a fun prank, readers would be wise not to let the sardonic wit overshadow the important message about password security...
Creepy iPhone Application Invites Security Risks
March 31, 2011 Added by: Robert Siciliano
Situationist is an iPhone app that alerts members to each other’s proximity and gets them to interact in random situations. Members simply upload their photo and pick the situations they want to happen to them in the knowledge that they might then occur anywhere, and at any time...
Ten Social Media Security Considerations
March 30, 2011 Added by: Robert Siciliano
Social media security issues involve identity theft, brand hijacking, privacy issues, online reputation management, and provide opportunities for criminals to “friend” their potential victims, creating a false sense of trust they can use against their victims through phishing or other scams...
Banks Need You to Be Responsibly Secure
March 27, 2011 Added by: Robert Siciliano
It has become apparent that the conveniences of technology have outpaced consumers’ security intelligence. It is possible to secure systems in a way that will defeat most criminal activity, but that level of security comes with inconveniences that the consumer may not be equipped to handle...
Software Security: Just What is the Meaning of Mature?
March 22, 2011 Added by: Rafal Los
When an organization's SSA Program is mature, they've minimized their spending (thus maximizing their efficiency), they're impacting their business in a minimal way, and have decreased latent IT-based risk to their business applications to an acceptable level...




