|
Top Articles
New Google Campaign Promotes Privacy And Security On The Web
[2012-01-18] The new campaign, called "Good To Know" by Google, is being initiated in order to educate Internet users about ways to keep themselves protected.
Securing Data in 2012
[2011-12-15] PCI Will Push for Greater Protection While Cloud Continues to Play Catch-up
Android Tops Most-Vulnerable Lists, But Is It A Deserved Distinction?
[2011-11-21] As Android becomes more and more widespread, analysts have brought many vulnerabilities of the OS into the public eye.
Cyber Security On The Investor Agenda
[2011-10-19] US securities regulators have formally asked public companies for the first time to disclose cyber attacks against them, reports Reuters.
Hp Unveils Some New Offerings For Cloud Security
[2011-09-23] Hp (Hewlett Packard) recently acquired the companies ArcSight, Fortify Software, and Tipping Point and with the technology that came with them have come out with a new security platform.
Cryptoprocessors as a Viable Security Solution
[2011-08-17] Encryption is computationally very expensive, but the growing threat of data loss is putting pressure on companies to implement greater security. When it comes to internet security, most corporations don't think to look to cryptoprocessors. New chips like Cavium's NITROX III have overcome barriers that will make cryptoprocessors a viable security solution.
Enhancing Secure Communications with Strict Transport Security
[2011-07-13] New security capabilities in Firefox, Chrome and several other browsers enable web applications to create a more secure browsing experience with users.
2011 To Be the Worst Year for Security Breaches
[2011-06-22] So far this year millions of user accounts have been compromised, and millions of dollars spent in cleaning up the messes. Several other articles are writing about this, saying that 2011 is set to be the worst year ever for security breaches. Online security is certainly not keeping pace with the growth in the amount of data stored online. The mounting number of breaches should alarm all security managers to implement better practices.
Possible DNS Hijacking in phishing Attack on Gmail Accounts
[2011-06-03] Gmail accounts including some government officials and Chinese activists were recently compromised by a phishing attack. These attacks are not typical--they are spear phishing attacks where the emails are tailored to the person receiving them. The email is typically sent from a person the victim knows well and is disguised as originating from a legitimate Gmail server, possibly through DNS hijacking. Who is to blame for the attacks is still unclear.
Looking For A Free Security Alternative? Try Microsoft Security Essentials!
[2011-05-12] For a long time, especially back in the Microsoft Windows 95-2000 days, the only way to get really secure security software was to pay for it. Recently, Microsoft unveiled its own free software that you can use to protect your computer (along with other computers in a corporate setting) called Microsoft Security Essentials.
Bringing Web Application Security to University Students
[2011-04-29] Over the weekend Mozilla led an open source boot camp at Stanford University with a great lineup of courses including a hands-on web security lab where students performed actual exploits against a vulnerable web application.
ACL Reporter Helps Monitor Windows Server Security
[2011-04-15] Network Systems Managers (NSM) and Managed Service Providers (MSP) will be glad to know that an enterprise-class Windows Server reporting tool is available for free. N-able Technologies is the makers of ACL Reporter, and their tool provides managers a free option to conduct much needed security reports for Windows Server systems.
The Lone Comodo-Hacker Theory
[2011-03-30] In a message posted on pastebin, an individual using the handle of "comodohacker" has claimed responsibility for last week's hack-attack on the Comodo site in which someone was able to gain access to the RAs site and issue 9 SSL Certificates for some major sites such as:
SOA Security And Identity Management Practices To Be Covered In Workshop
[2011-03-18] Enterprise security professionals who are interested in brushing up on topics related to service-oriented architecture and identity management may want to check their schedules. WSO2 intends to hold affordable, day-long workshops in three different U.S. cities before the end of March.
IBM Releases New System For Enterprise Security
[2011-02-16] Enterprises around the world are continually facing new threats, many times on a daily basis. These threats can come from a wide variety of places, such as data leaks, viruses, hacks, and so on. Vulnerabilities can be tough to track across and infrastructure, which is why having the best tools at one's disposal is key. IBM has released a system which if it can do what they claim, could be a game changer.
Google Declares Major Security Issues With Internet Explorer
[2011-01-28] Michal Zalewski is a researcher and engineer at Google who's recent focus has been on "fuzzing," or checking browsers and sites for potential security holes.
Five Security Tips for the New Year
[2011-01-13] As 2010 comes to a close we turn our attention now to the New Year. Since the dawn of the Internet there have been those using it who are up to no good. Whether it be malicious code, phishing schemes, or simple spam - the forces of good on the Internet (us) will continue to battle the forces of evil (them).
How To Add Security Passwords For AirPort Express Speakers
[2010-12-29] I have a nifty wireless wifi speaker setup in my office where we use AirPlay on our Apple devices to send music to the speakers from iPhones, iPads and our Mac computers. Works awesome and it's built around an old Airport Express, but I realized that anyone can find and access the speakers, not just people in my office. Is there a way to password protect the speakers?
Fixing An Internet Explorer Security Alert
[2010-12-08] Here's an interesting mystery for you: I wrote an article with this title back in 2005, with the original question thusly:
The New Enterprise Security Model: Ninjas > Knights
[2010-11-22] The BBC recently posted an interesting article about the evolution of Enterprise Security. The author, Tim Weber, equates the traditional style of enterprise security to castle walls and moats, or, as I like to call it, the Knight style security. Weber touches on various reasons why the Knights are no longer sufficient in protecting the kingdom. In the end, Weber suggests that a more stealthy, portable approach to security: Ninjas.
Google Positioning Android as Enterprise Platform
[2010-11-10] Last week, I touched on how the pending invasion of tablets will affect the enterprise environment. I was focused more on a network bandwidth issue there, but did make mention of the enterprise security risks of the increased presence of mobile devices. In particular, I mentioned President Obama's Blackberry. RIM has managed to build and maintain a stranglehold on much of the enterprise mobile market because of their edge in security.
Effect of Tablet Invasion on Enterprise Networks
[2010-10-27] Desktop workstations have steadily been disappearing from business desks. Instead, laptops have become the productivity device of choice. Mobile workstations allow employees to continue productivity during and between meetings.
Adobe To Implement Sandbox for Future Reader Version
[2010-10-13] Adobe Reader has been a security thorn in the enterprise security's flesh over the past year. Malicious coders continue to exploit the various capabilities of PDF documents, specifically within Adobe Reader.
Construct a Forensic Timeline of Events Post-Incident
[2010-09-29] Whether the cause is a malicious insider or a simple ignorant user, when a mishap occurs, understanding exactly what went wrong might not be a easy matter, especially when fault must be found. Often, the problem arises from a series of missteps and not only the last action or command that the user issued.
Is This Line Secure?
[2010-09-15] The question asked by spies and agents in countless movies. Given an unsatisfactory answer, the agent does not divulge the sensitive information. With a solid acknowledgement, both parties know that the important contents of the conversation cannot be intercepted. Government agencies are not the only entity privy to private phone conversations, nor are they the only organizations in need of secure communications.
|
|
