Security Port

Security Forums
Security Articles
Security Port Blog
Security Blogs
Security Books
Security Glossary
Security Definitions
Security Directories
Security Wikis
Security Tradeshows
Security Newsletters
Security Alerts
Buyers Guides
Security Newsgroups
Security Organizations
Submit Security Sites
Security Magazines
Security Feeds
Security News
Security Software
Security Products
Search Databases


Security Port
Contains relevant information that pertains to security related issues and solutions.

Security Port

A Security Port Blog
South Carolina Data Breach
03/29/2013

South Carolina officials are only beginning to grapple with the magnitude of the problems created by the security breach last fall at the Department of Revenue.

The ramifications of the theft of critical identifying information for millions of people will be with us for decades. There is no one-year or 10-year timeline for addressing them.

NASA Shutdown Access
03/28/2013

NASA has shut down a large public database and is limiting access to agency facilities by foreign citizens as part of a broader investigation into efforts by China and other countries to get information about important technology.

NASA announced the security procedures this week, after the F.B.I. arrested a Chinese citizen at Dulles International Airport in Virginia who had boarded a plane to Beijing.

US Security Review
03/27/2013

The new U.S. defense secretary, Chuck Hagel, has asked the Pentagon to review U.S. military strategy in light of budget cuts brought on by deficit reduction and sequestration. That process will eventually draw in Secretary of State John Kerry and will bear the imprint of both new members of President Obamas Cabinet. The results will be incorporated into a new national security strategy due later this year that could yield greater burden-sharing for Americas allies and partners.

Kerry and Hagel both served on the Senate Foreign Relations Committee with Obama and Vice President Joe Biden. Both men were wounded in Vietnam and understand the cost of combat. Both have strong ties to Europe and an inclination to exploit diplomacy to the full extent before turning to military force. Their voices will be heard.

Security Footage Captures Murder
03/26/2013

Security footage was unearthed Saturday in Istanbul that revealed Sarai Sierras fight to her death. A homeless man, Ziya Tasali, has confessed to killing Sierra, 33, a mother of two young sons from Staten Island who had been traveling to Turkey alone. In the grainy footage, two figures, one in the signature brown jacket that Sierra was said to be wearing when she went missing, can be seen struggling near the railroad tracks—where Tasali said he attacked Sierra after attempting to kiss her. He has claimed that he was drunk and high on paint fumes when he attacked Sierra, who attempted to fight him off for 30 minutes before he left her die near the railroad tracks.

Huge Apple Security Flaw
03/25/2013

The company made the password reset page for Apple ID accounts available again, not long after the discovery of the security hole forced it to take the site down. The Verge reported on Friday that the security hole allowed anybody who knows another user’s account name and date of birth to reset his password, without answering the customary security questions that usually accompany the process.

The Verge, which said it verified the security hole after a tutorial about it was posted online, reported that it involved pasting a special Web address into a browser.

It Works for Divorce Cartoon
03/19/2013

Great Mobile Security Graphics and Logos
03/18/2013

Great mobile security logos and graphic designs:

Check out These Security Newsletter
03/17/2013

Large collection of Security Newsletters

RSS Scripts Updated
03/16/2013

All the RSS Scripts in the RSS Scripts Directory have been updated for PHP 5.1.

Cyber Security
03/15/2013

There is a silver lining to the rash of revelations about cyberintruders cracking into the networks of marquee U.S. corporations.

However, the mea culpas also show that with persistent network breaches continuing to escalate, some large organizations have begun proactively gathering intelligence about what the bad guys are up to. They are doing this by stepping up the use of cutting-edge tech security systems.

And by moving to advance public knowledge about the stealthy tactics of cyberintruders, companies under attack could be taking a crucial step toward gaining an advantage on the attackers, say security analysts and law enforcement officials.

Compliance Hinder Real Security
03/14/2013

Companies with IT security strategies that focus mostly on complying with key standards are dangerously unprepared for emerging cyber threats, said security experts.

Over the past few years, the security strategies of many companies and government agencies have centered around meeting the requirements of Sarbanes-Oxley, Health Information Portability and Accountability Act (HIPAA), the Payment Card Industry Data Security Standards (PCI DSS), Federal Information Security Management Act (FISMA) and other government and industry standards.

Experts say that meeting such standards is important, but they should be used as baseline controls in a broader IT security strategy.

Funny Techie Cartoon
03/13/2013


Techie Cartoon!

Is Software Security a Waste of Time?
03/12/2013

A two-person RSA Conference panel tackled a provocative question head-on: Is software security a waste of time for most companies?

No one was suggesting that companies should ignore bugs in their products, but the question was more of how and when fixes should occur.

Microsoft, Adobe, and a few other companies advocate a secure software development lifecycle, where security issues are addressed during all phases of development. There are still many companies that believe the time and money spent on these software security initiatives could be used elsewhere, and it's more in their interest to just fix bugs after products ship.

On the one hand, there are companies such as Adobe, who have to deal with committed attackers intent on exploiting vulnerabilities in the software.

Homeland Secdurity Immigrant Release
03/11/2013

The Homeland Security Department released 2,000 undocumented immigrants because of budget cuts and planned to release about 3,000 more this month, according to the Associated Press.

The disclosed figures, cited in internal government budget documents, are significantly higher than what the Obama administration acknowledged this week: a few hundred undocumented immigrants who were released under the budget-savings process.

The documents show that Immigrations and Customs Enforcement released roughly 1,000 undocumented immigrants from its jails around the U.S. each week since at least Feb. 15.

Fire Security Boxes not Secure
03/10/2013

A security expert warned that criminals can gain access to locked businesses and apartments across the United States by reproducing the master keys now issued only to firefighters during emergencies.

The expert said he identified a flaw in the heavy metal boxes made by an Arizona-based company called Knox Co, now commonly found outside millions of apartment complexes and commercial properties in cities across the country, including Chicago, Atlanta and San Francisco.

Microsoft Security Breach
03/09/2013

Security software companies must be smiling ear to ear as they read the news briefs coming off the transom. Microsoft said today that an undetermined number of computers in its Mac software business unit got infected with malware. The company said the number of infected PCs was small but that there was no indication customer data had been compromised.

Cyber Security Executive Order
03/08/2013

After years of often-alarmist rhetoric about the threat of deadly cyber-attacks – and repeated calls for government to ‘do something’ to address the threat – President Obama has finally issued a comprehensive executive order on cyber-security.

British Security Concerns
03/07/2013

In a week that saw claims of Red Chinese penetration of U.S. networks, a new survey sponsored by the British security vendor Clearswift has found the thing most public-sector U.K. organizations fear is not industrial sabotage or spying -- its damage to their reputation due to an IT security breach.

That worry, rated number one by 31% of respondents to the poll, surpasses concerns about the potential financial consequences of any such breaches 20%.

DOD Expands Security Role
03/06/2013

Now, for the first time, DODs thousands of military and civilian security professionals can earn certification in their job series to gain proficiency in an all-encompassing field through the Security Professional Education Development Program, a Defense Department initiative to professionalize the departments security workforce.

DOD officials for many years have wanted a joint security environment among the services and defense organizations, said Kevin Jones, director of the center.

Hacking Facebook
02/05/2013

A security hacker recently found a flaw in a Facebook system that allowed developers to access anyones Facebook account through app permissions.

Though Facebook has fixed this issue, Nir Goldshlager, a Web application security specialist who looks for these types of flaws professionally, found more app authorization bugs that need fixing, according to his blog. App permissions are what developers use to access the user data needed to run their apps. Users give them access permission when they install the apps.

Three More Hacking Attacks
03/04/2013

Another day, three more hacking attacks.

Some users of Twitter, Tumblr and Pinterest had their personal information compromised because of a hack on another company.

Cloud Security and Policy
03/03/2013

With cloud computing taking off at a very fast pace — some administrators are scrambling to jump into the technology. Unfortunately, many organizations are purchasing the right gear, deploying the right technologies, but still forgetting the policy creation process.

The truth is that cloud computing is relatively new for many organizations. This means that companies looking to enter the cloud must be careful and avoid jumping in with both feet. Although every environment is unique, administrators must take the time to create a plan which will help them retain control over their cloud initiative.

Climate Change a Security Issue?
03/02/2013

A Harvard researcher is pointing toward a new reason to worry about the effects of climate change — national security.

A new report co-authored by Michael McElroy, the Gilbert Butler Professor of Environmental Studies, and D. James Baker, a former administrator of the National Oceanic and Atmospheric Administration, connects global climate change, extreme weather, and national security.

During the next decade, the report concludes, climate change could have wide-reaching effects on everything from food, water, and energy supplies to critical infrastructure and economic security.

Chinese Hacking
03/01/2013

Unknown hackers are trying to infect computers by capitalizing on strong interest in a recent report by a security firm that accuses the Chinese military of supporting widespread cyber attacks on U.S. companies.

Tainted digital versions of the report from cyber forensics firm Mandiant infect PCs with computer viruses that allow hackers to gain remote control of computers after users attempt to read those documents, according to security researchers.

Anti-virus software maker Symantec Corp said on its blog that some of those tainted documents were attached to Japanese-language emails purporting to be from someone recommending the report.

Phone Security Lawsuit Settled
02/28/2013

More than 18 million smartphones and other mobile devices made by HTC, a Taiwanese company that is one of the largest sellers of smartphones in the United States, had security flaws that could allow location tracking of users against their will and the theft of personal information stored on their phones, federal officials said Friday.

The Federal Trade Commission charged HTC with customizing the software on its Android- and Windows-based phones in ways that let third-party applications install software that could steal personal information, surreptitiously send text messages or enable the device’s microphone to record the users phone calls.

Techie Humor
02/27/2013

A funny look at validation for Techie Types.



Current Blog

2013 Security Blog Archive
March Archive
February Archive
January Archive

2012 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2011 Security Blog Archive

December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2010 Securty Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2009 Securty Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2008 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
July-August Archive
May-June Archive
April Archive
March Archive
February Archive
January Archive

2007 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2006 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive


Security Alerts
Locate security alerts, and security feeds via a security rss feed directory.