Security Port

Security Forums
Security Articles
Security Port Blog
Security Blogs
Security Books
Security Glossary
Security Definitions
Security Directories
Security Wikis
Security Tradeshows
Security Newsletters
Security Alerts
Buyers Guides
Security Newsgroups
Security Organizations
Submit Security Sites
Security Magazines
Security Feeds
Security News
Security Software
Security Products
Search Databases


Security Port
Contains relevant information that pertains to security related issues and solutions.

Security Port

A Security Port Blog
Cloud computing is everywhere, and so are frayed nerves about
05/27/2016

However, while cloud is apparently everywhere, so is a great deal of nervousness around security. A majority of enterprise IT leaders (77 percent) note that their organizations trust cloud computing more than a year ago, but only 13 percent completely trust public cloud providers to secure sensitive data.

Add to that a lack of awareness of what vulnerabilities may still exist. A majority of respondents, however (72 percent), list compliance as the primary concern across all types of cloud deployments, and only 13 percent of respondents actually know whether or not their organizations stored sensitive data in the cloud. In addition, fewer than one-quarter (23 percent) of enterprises are aware of data breaches with their cloud service providers.

Senate to Americans: Your security is not our problem
05/25/2016

The Senate Intelligence Committee just released a draft of long-awaited legislation to tackle the problem authorities have with encrypted communications. Namely, because encryption is so secure, it interferes with court orders in the same way private property poses problems for police who just want to get things done.

The Compliance with Court Orders Act of 2016 authored by Sens Richard Burr, R-N.C., and Dianne Feinstein, D-Calif., mandates companies to shoulder the technical burden of accessing encrypted emails or files when investigators issue court orders.

Making sense of enterprise security
05/23/2016

Human beings have a tendency to do things with technology that go beyond original intent, and this inclination should be celebrated. After all, technology continues to drive radical innovation, whether in the form of new applications, use cases or platforms.

Unfortunately, it is also this type of behavior that makes security such a difficult problem. As individuals and organizations leverage technology for intended and unintended uses, it becomes virtually impossible to foresee all threats and vulnerabilities that surface in the process. In other words, the issue with enterprise security is that, by nature, it is reactive. No system or asset can ever be fully secure.

7 Cybersecurity Tips For Lawyers
05/20/2016

This past week, the world learned about the big hack of Biglaw. If your employer was one of the almost 50 firms prestigious enough to be targeted by Russian hackers… congrats?

The targeted firms tended to be transactionally oriented; the apparent plan of the hackers was to obtain confidential, market-moving information and trade on it. But litigators should be concerned as well. As noted by Logikcull, the discovery automation platform, ediscovery is the next frontier for hackers.

It’s not clear that any information was actually taken or used for insider trading in the big Biglaw hack, but it might still generate headaches for the firms — in the form of litigation. Noted class-action lawyer Jay Edelson — known to the general public for suing tech giants, and known to Above the Law readers for suing ExamSoft (and winning a hefty settlement) — has announced plans to file class-action malpractice cases against various firms, alleging inadequate cybersecurity.

Meeting Cyber Security Challenges through Gamification
05/18/2016

When it comes to cybersecurity issues, we always seem to be dealing with either shortages or excess. Everywhere there is talk of how data breaches are growing in number, size, severity and cost, and there are always too many new security holes, vulnerabilities and attack vectors that need to be fixed.

On the other hand, there’s a widening cybersecurity talent gap to fill vacant posts. We never seem to have enough tools to deal with new threats and malware that are sprouting on a daily basis, and there’s not enough data to make smart assumptions and decisions (or in some cases, too much data and too many false positives to find the real threats). And awareness about security matters among employees, staffers and executives in firms, associations and agencies is always at abysmal levels.

With the dark shadow of bigger security incidents constantly looming on the horizon, both government agencies and private firms are always looking for new ways to meet the challenges and overcome the many shortages the cybersecurity industry is facing.

Looking to Improve Cyber Security? Fire some CEOs
05/16/2016

More than 90 percent of corporate executives said they cannot read a cybersecurity report and are not prepared to handle a major attack, according to a new survey.

More distressing is that 40 percent of executives said they don't feel responsible for the repercussions of hackings, said Dave Damato, chief security officer at Tanium, which commissioned the survey with the Nasdaq.

Better Cyber Security a must for Banking Sector
05/15/2016

Strengthening cyber security in the banking sector is a must, especially with regular innovations happening in the ICT sector, analysts said yesterday.

Almost all banks launched online services without taking proper precautions, and most of their IT systems are outsourced from private vendors, said Mahbubur Rahman, associate professor of Bangladesh Institute of Bank Manage-ment.

Lack of skilled manpower is a major problem in the banking sector, said Omar Farooq, head of IT at Eastern Bank.

They spoke at a programme on cyber security organised by PricewaterhouseCoopers (PwC) at Sonargaon Hotel in Dhaka.

Cyber Power
05/13/2016

The cyber revolution is at its height. The meeting point between the power of thought and connectivity is changing our world, and affecting all spheres of life, as individuals and as a nation. Israel's power in science and technology is creating a great opportunity to position ourselves in the forefront of cybernetic innovation.

Together with the opportunities, there are also risks. Everything is penetrable in the cyber era: our personal details, commercial and defense secrets, national infrastructure - anything can be stolen, disrupted and destroyed. The worst cyber attacks against organizations and countries in recent years around the world have taught us an obvious lesson - cyber defense is an essential condition for national security and economic growth in the 21st century.

Israel has been one of the first countries to prepare systematically and with determination for this challenge. Five years ago, I set the goal of making Israel one of the five leading global cyber powers.

5 Security Hacks That Simple Technology Could Have Prevented
05/11/2016

Passwords, which are designed to create security, have become the weakness that hackers have used in 85 percent of hacks over the last decade. These breaches can be very costly. Lots of companies, for instance, have lost millions of dollars in the past because of it. Some individuals have had their identities stolen. Many celebrities have gotten their images damaged. Worse still, some vital and top secret government information has equally gotten exposed due to these security breaches.

As a result, there is a movement in the tech security industry to move away from password-based security altogether. Wiacts is one of the firms pushing this move.

In a recent blog post, they named the top 10 hacks that their tech would have prevented. I asked Yaser Masoudnia, their CEO, to comment on some of those hacks. And below are what he had to say about them:

Airports Look at Technology to Extend Security
05/09/2016

The mass casualties caused by last week’s attacks in Belgium are spurring interest in tools to enable police to spot suicide bombers and other potential attackers from afar—as well as a warning that technology alone isn’t a fail-safe.

The blasts in the departures hall at Brussels Airport, which killed at least 16 people, showed the contrast between the wide-open landside of airports and the tightly secured airside, after passengers and their bags have been screened.

Long security lines await at American airports this summer
05/08/2016

Here is a maths question. If the number of people moving from point A to point B increases by 9%, and the number of gates they can pass through decreases by 10%, what happens to the time it takes for them to complete the process? On second thoughts, forget the maths. For airline passengers this summer, it is only important to know that it goes up. Way up.

This is essentially what has happened at Americas airports. In the past three years, the number of Transportation Security Administration (TSA) screeners has declined from 47,147 to 42,525. Over the same time period, the number of passengers has risen from 643m a year to more than 700m.

Police issue security warning over Santander cashpoints
05/06/2016

Police have warned people in Lancashire and Wilmslow, Cheshire, not to use Santander cash machines over fears they have been compromised.

The warning follows reports of suspicious devices on the bank’s machines across Lancashire last week.

Officers are concerned that criminals have targeted the machines in an attempt to steal card details and cash, and urged those who have lost money to contact the bank.

Fallout From The Nuclear Security Summit
05/04/2016

The Nuclear Security Summit that just ended Friday in Washington, D.C. wrangled over several thorny nuclear proliferation and terrorism issues, and involved over 50 countries. But the two countries on everyone’s mind were China and Russia. China, because they have started on the world’s largest nuclear build-up in 50 years. And Russia, because they decided not to attend at all.

The fourth Nuclear Security Summit, in the series begun by the Obama administration, showcased definite successes, particularly the significant global reduction in nuclear weapons, the global reduction in nuclear material stockpiles, the increased security on nuclear facilities, the dozen countries that are now free of weapons-grade materials, a newly-amended nuclear protection treaty, and the historic nuclear deal with Iran that has, so far, gone as planned.

How security pros blunted alleged Iran cyber attacks
05/02/2016

New criminal charges linking Iran to 2011-2013 cyber attacks on the U.S. put suspects' names and faces on an episode that plagued 46 banks and financial institutions nationwide — and hundreds of thousands of their customers.

Account holders who logged in online encountered blank screens, dropped connections or extremely slow responses, security experts said in interviews Thursday, hours after authorities announced indictments of seven suspects with ties to the Middle East nation's government and its Islamic Revolutionary Guard Corps.

Google Beefs Up Its Gmail Security Features
04/29/2016

Google is rolling out an updated security warning system this week for Gmail users that the company says is designed to make sure they do not fall victim to cyber attacks.

The first security warning will be triggered when a user clicks on a link in Gmail that Google suspects to be dangerous.

A second enhancement gives suspected targets of state-sponsored hacking attempts a full-page warning along with information on how to protect their accounts. The new full-page alert is in addition to Googles existing warning, which shows up as a red strip with a link at the top of a suspected victims Gmail page.

Suspected state-sponsored hacking attempts are rare and impact 0.1 percent of Gmail users, according to Google's online security blog.

Telecom Partners Say Cloud Security Is Top Of Mind In Wake Of Verizon Breach
04/27/2016

Verizon Enterprise Solutions is the latest victim of a data breach that affected more than a million of its enterprise customers, news that partners believe will have wide-ranging implications on telecom and cloud security solutions.

First reported by security journalist Brian Krebs, the breach allowed hackers to collect information on an estimated 1.5 million enterprise clients, including basic contact information. Verizon said in the report that no customer proprietary network information or other data was accessed. The data was found for sale on an underground cyberforum.

New Research Grants for Stevens Total More than $5 Million; Focus on Homeland Security, Defense and Cybersecurity
04/25/2016

The number of research grants awarded to Stevens Institute of Technology since February 1 total more than $5 million, with the bulk of the awards coming from the U.S. Department of Defense (DoD) and U.S. Department of Homeland Security (DHS).

The largest award ($2.75 million) came from the DHS to support a multi-year program to develop and deploy a system of sensors that would defeat small and medium Unmanned Aerial Systems (UAS), commonly known as drones, to protect critical infrastructure and people. The Stevens research team, led by Dr. Hady Salloum, director of the DHS S&T Center of Excellence for Maritime Security at Stevens, will provide key elements of this program, including the development of a test bed, development and demonstration of an acoustic sensor solution, and contributions to other program efforts including modeling and simulation.

BitQuick Taken Offline
04/22/2016

Security is one of the major concerns when it comes to the bitcoin industry. There have been so many instances where the security of bitcoin platforms was breached by hackers, making away with loads of bitcoin. The history has taught bitcoin businesses not to compromise on the security of their products, as it may end up causing some serious damage to their reputation. Even with bitcoin exchanges and wallet providers implementing the best security features, they still face the threat.

Machine Learning and Security
04/20/2016

Machine learning and artificial intelligence (AI) are in the spotlight. Not only did funding in AI companies reach records heights last year, but we’re seeing it positioned as an antidote to improve just about every facet of our lives and businesses—from how we travel, to how we shop, to our health care. Big players like Microsoft and Google are also getting into the game, releasing open source frameworks to make taking advantage of machine learning a whole lot easier.

Websites Lack Security
04/18/2016

Every time you PayPal someone, or send a Gmail, or log into Facebook, a layer of encryption protects the information that zips across the Internet. These sites all use HTTPS, an added layer of security to the standard HTTP protocol that facilitates web communication. But as a new Google report shows, an alarmingly small number of the webs most-trafficked sites use this vital security protocol.

The Google audit shows that 79 of the webs top 100 non-Google sites don’t deploy HTTPS by default, while 67 of those use either outdated encryption technology or offer none at all. The worst offenders include big names, like the New York Times and IMDB.

UK Workers more Diligent about Cyber Security at Home
04/15/2016

UK employees expect an IT safety net to protect them at work and are more willing to take responsibility for security at home, a survey commissioned by Citrix has revealed

More than four in 10 UK workers regularly use passwords to secure home documents, but only one in three do so at work, a survey has revealed.

In a further sign of disparity in employee attitudes to work and personal data, 68% of workers said they shredded unwanted personal documents, while just 40% do so at work, according to a poll of 2,000 full-time workers in the UK commissioned by secure access firm Citrix.

Pay with Your Face? Amazon Tech Brings Security Questions
04/13/2016

Amazon may be looking at ways to let you pay for purchases with just a look. But experts warn that such systems have proven easy to fool in the past.

In a new patent application — U.S. patent No. 20,160,071,111, filed on March 10 — the company described a system that would let a user authorize a purchase using two things: an image of the persons face and a live motion to check that the image is actually the owner of the phone.

Security Solutions are Slowing Down our Systems
04/11/2016

Despite the inherent insecurities of the cybersecurity industry, a new report from Barkly, an endpoint security company, reveals that the biggest issue IT security teams have to face with current security solutions is that they slow down the system.

When asked about the options of productivity vs security and the potential downfalls of security solutions, 41 percent of respondents said that they were dissatisfied with their current solution, not because it failed to deliver security, but because it slows down their system.


If security products are slowing systems and by extension lowering productivity, then IT pros should consider whether or not their colleagues are taking insecure shortcuts to improve efficiency, such as using unauthorized third-party apps or connecting unsanctioned devices to the network.

Computers Can Be Hacked to Send Data as Sound Waves
04/08/2016

A team of security researchers has demonstrated the ability to hijack standard equipment inside computers, printers and millions of other devices in order to send information out of an office through sound waves.

The attack program takes control of the physical prongs on general-purpose input/output circuits and vibrates them at a frequency of the researchers' choosing, which can be audible or not. The vibrations can be picked up with an AM radio antenna a short distance away.

Uber Has a Secret Security Hotline
04/06/2016

If you are having an emergency in an Uber, theres a secret hotline to get in touch with them, according to Business Insider.

A secret hotline that Uber has been denying exists–it does not call it a hotline–does not sound very useful, but the company now says has been tested in 22 cities around the country.

The hotline is 800-353-8237 (UBER), and customers who call that number in an emergency will go directly to a customer service human being.

Inkjet Can Spoof Mobile Fingerprint Security
04/04/2016

Researchers have spoofed biometric fingerprint security in two models of mobile phone using nothing more than an inkjet printer.

The fingerprint is a popular method of identification due to the fact that there are no two identical fingerprints among the seven billion people on the planet, but it is by no means impregnable.

The Cloud and Security
04/01/2016

Security concerns are undoubtedly the major hurdle for widespread cloud adoption; indeed, a massive 90 percent of firms surveyed by Information Security in 2015 stated security was the biggest factor preventing organizations from moving to the cloud. No one is about to wave a magic wand in 2016 and make that go away.

Intel Security Guru Says Regulating Encryption Is Difficult
03/30/2016

Encrypting digital data should not be considered a moral issue of good and evil. Rather, it is a nuanced legal issue that may not be covered under existing law.

Thats one of the takeaways from a discussion about cybersecurity and data with Steve Grobman, the chief technology officer for Intels security group. Grobman explained during the Structure Data conference in San Francisco on Thursday that encryption is really just complex mathematics, which makes it a difficult thing to legislate.

Tips When Running a Security Company
03/28/2016

The dump, in a hacker e-zine format, begins with a note from the attacker. Sarcastically titled TIPS WHEN RUNNING A SECURITY COMPANY, it details the security holes found during the breach:

Use one root password for all the boxes
Expose PDUs [power distribution units in server racks] to WAN with telnet auth
Never patch, upgrade or audit the stack
Disregard PDO [PHP Data Objects] as inconvenient
Hedge entire business on security theatre
Store full credit card info in plaintext
Write all code with wreckless [sic] abandon

Wells Fargo Eye Scanning
03/26/2016

Eye scanners have long been the stuff of sci-fi and action flicks, safeguarding everything from classified data to secret lairs.

Soon, though, they'll be used in the real world to protect something more mundane: your bank account. Or, more precisely, your company's much larger one.

Starting this summer, San Francisco banking giant Wells Fargo & Co. will let corporate clients sign in to the bank's commercial banking app using either an eye scan [pictured above] or a face- and voice-recognition system.

Android Security
03/24/2016

Highlights of the March 2016 Android Security Update

There are 16 issues in the update: 6 are Critical, 8 are High, and 2 are Moderate. The vulnerabilities I list below illustrate the variety of fixes Google has patched this month.

Critical vulnerabilities

The security updates range from privilege vulnerabilities, remote code execution vulnerabilities, remote denial of service vulnerabilities, and mitigation bypass vulnerabilities.

The most critical issue was remote code execution vulnerabilities in Mediaserver and libvpx. The flaw could have allowed a third party to use MMS media or browser playback media to execute malicious code on either a smartphone or a tablet. Google has released fixes for all iterations of Android, going back to 4.4.4.

Elevation of Privilege in Conscrypt: This vulnerability could allow a specific type of invalid certificate (one issued by an intermediate Certificate Authority) to be incorrectly trusted. This particular vulnerability would allow man-in-the-middle attacks, as well as an elevation of privilege and remote arbitrary code execution.

Elevation of Privilege Vulnerability in MediaTek Wi-Fi Kernel Driver: The Wi-Fi kernel driver contained a vulnerability that could enable a local malicious application to execute arbitrary code within the kernel, thus allowing elevation of privilege.

Chrome Update Patches Some Major Security Vulnerabilities
03/22/2016

This week, Google released the latest stable update for its Chrome browser addressing three high priority security vulnerabilities. Version 49.0.2623.87 of Chrome is available now for Windows, Mac and Linux computers, and although Google is not willing to discuss the fixes in detail, a recent blog post explains the basics of the bu

IRS Shutdown Identity Protection PIN Tool
03/20/2016

The IRS has issued a notice about the temporary suspension of use of its Identity Protection PIN tool. According to the notice, the use of the IP PIN tool on the IRS.gov site has been suspended as part of its ongoing security review. It has announced a possible security breach.

A recent attack on the website that resulted in the breach of an IRS contractors system—exposing 101,000 taxpayers Social Security numbers and other data—prompted an IRS security review. The IRS designed the Identity Protection PIN tool to safeguard people at higher risk of becoming the victims of fraud because of sensitive personal information leaked in commercial data breaches, by providing them an additional layer of security. Instead, the tool was being used by the scammers for the very purpose of identity theft.

Hackers Breach Ku Klux Klan Website
03/18/2016

A website run by the Ku Klux Klan has been downed as part of what appears to be a significant breach of its host and security provider Staminus. The company, which promises to protect users from distributed denial of service (DDoS) attacks, was exposed by a crew going by the name of FTA, which leaked data online yesterday.

Dumped information included customer contact details and password hashes (the result of taking the plain text password on running it through a one-way algorithm to garble the text). The hackers also claimed to have accessed unencrypted credit card details, though FORBES could not verify that claim.

Where European Countries Stand on Privacy Versus Security
03/17/2016

In the wake of the San Bernardino shootings that left 14 people dead and 22 others wounded, the debate over encryption between tech companies and law enforcement has reached a fever pitch in the US. The FBI wants Apple to help it crack into the iPhone of Syed Rizwan Farook who, along with wife Tashfeen Malik, carried out the ISIS-inspired attack in December.

Apple has refused, saying that its job is to protect the privacy of its customers. The company contends that the debate should not be framed as privacy or security, but privacy and security. With both sides digging in their heels, the case looks destined for the Supreme Court. Meanwhile, lawmakers in some European countries are taking new steps to broaden government access to big data.

European countries have different stances on digital security, but generally are more willing than the U.S. to grant governments access to personal data.

Security Problems in Prisons
03/16/2016

Correctional officers in state prisons may soon be using pepper spray to quell potential fights with and among inmates.

They are deploying portable metal detectors to better ferret out homemade knives.

And they plan to cut the use of canned goods in prison commissaries, thus denying troublemakers the use of sharp metal lids that can be turned into weapons.

Despite these increased security efforts, lawmakers had plenty of questions during a budget hearing Thursday for Acting Corrections and Community Supervision Commissioner Anthony Annucci.

Security Flaws in Fitness Trackers
03/14/2016

On February 2, 2016, cybersecurity researchers at the nonprofit organization Open Effect and the University of Toronto released a report called Every Step You Fake that outlined the privacy flaws of fitness trackers. The privacy issue isn not usually found in traditional trackers that only report their data on their own screen or a personal computer. Researchers studied eight wrist-style fitness trackers by well-known companies Apple, Basis, Fitbit, Garmin, Jawbone, Mio, Withings and Xiamoi and found that devices linked to mobile apps and online sync options posed the greatest security risk.

One huge flaw is that some devices offered zero encryption when sending data online making it incredibly easy for hackers to read and alter the data. The Bluetooth technology attached to most devices also emits signals that allow remote geo-tracking even when users are not trying to transmit data.

Lastly, the researchers found that many users automatically agree to privacy policies that undermine their privacy just by turning on these tackers. Some companies state in their privacy policies that they can share/sell user data, often in the form of non-identifying aggregate data, to third-parties that are interested in knowing a variety of information about their target audiences.

Apple is overdoing a security check by bricking peoples iPhones and iPads
03/11/2016

Apple is getting flack for a security check in recent iPhone and iPad models that can disable all use of a device when it has been fixed by a non-Apple-certified repair person.

Apple says this error is the result of a security procedure that checks whether a Touch ID sensor in the home button—which enables fingerprint recognition—has been tampered with.

How Mobile Technology Will Increase Stadium Security
03/09/2016

In the months and years following September 11, one of the most noticeable changes was the experience of going through an airport — longer lines, no liquids, taking off your shoes. What used to feel out of the ordinary is now expected.

After the tragedies in Paris targeting live entertainment venues, the Stade de France and Bataclan concert hall, the experience of attending a live event in the U.S. changed. The NFL increased police presence and the NBA and NHL both had new guards posted at the entrance to games.

Unfortunately, increased on-site security comes at a high cost to teams and the professional leagues; and the added lines and wait time can hurt the fan experience. Unlike the travel industry, where consumers have to endure the airport experience in order to travel by air, fans could easily choose to just stay home. The live event industry must then rethink its approach to security.

When Security Products make Systems less Secure
03/07/2016

There has been an increase in reports pf security products recently which make user systems less secure when they are installed, used or even just present on the system.

Many antivirus companies have added tools and products to their security programs in recent years to increase the perceived value of the product, add new features to them that users may find useful, and to add new revenue opportunities in form of custom search deals.

It is quite common for instance that companies deploy browser extensions on systems that change the search provider, new tab page or home page. Others have created custom versions of the Chromium browser to improve user security while the browser is being used, often calling these custom browsers secure or safe to indicate that.

Google started to analyze browser extensions and custom browsers recently and the results are quite disturbing.

The three custom Chromium-based browsers the company analyzed were found to weaken security instead of improving it

Do Not Be Hacker Bait: Do This One-Hour Security Drill
03/04/2016

Ask a hacker if your digital security is at risk, and the answer is always yes. You could hide in a mountain bunker lined with tin foil and twigs, and somebody still might drain your bank account.

1. Update Your Software
2. Fix your passwords
3. Encrypt your drives
4. Bolster your browser privacy
5. Conduct an app census

Cyber security expert in warning to Northern Ireland over education
03/02/2016

A cyber security expert says Northern Ireland could be at a disadvantage because pupils are not studying the best courses available.

It is estimated that cyber crime costs the local economy more than £100m a year.

Zika: Why Biotechnology is Imperative to National Security. Analysis of Genotype Specific Bioweapons
02/29/2016

When we think of national security, we think of tanks, jets, missile defense systems and more recently, information space. But what about the realm of the microscopic, the biological or the genetic?

Whether you think biotechnology, genetics and microbes constitute another plane upon the modern battlefield or not is irrelevant. Someone else already does, and they have a head start on the rest of the world.

Germany Struggles to Assess Security Threats Ahead of Carnival
02/26/2016

In Cologne, a top destination in a region known for its big Carnival celebrations, police are doubling their presence from 2015 and boosting video surveillance of the parades and raucous street parties that precede the season of Lent and define one of the biggest open gatherings of the year.

The stepped-up efforts aim to reassure a public unsettled by a perceived crime spike and repeated terror threats. Yet behind the show of force, German security officials make little secret of their concern that the country is barely beginning to address the security challenge posed by last year’s record inflow of migrants.

iRobot Has Sold Its Defense And Security Business
02/25/2016

In an effort to divest itself of the defense and security market, iRobot has sold its D&S assets to form another company dedicated to all things military. The new company is led by CEO Sean Bielat, a former Marine officer.

Cloud Security
02/23/2016

Fear characterized the early days of cloud adoption – some of it justified and some purely sensational. The concept of sending data off the corporate network and thus outside of existing security technology spooked IT security professionals. But now that cloud has matured, one of the greatest barriers to adoption has become a people problem.  

This  growing confidence in the security capabilities of cloud providers reinforces Gartners prediction that in 2016, 95% of cloud security incidents will be the customer’s fault. Enterprise cloud providers’ entire business model depends on preventing breaches, and they have more resources and top talent to dedicate to security. But now that the cloud is secure enough for sensitive data, can cloud customers hold up their end of the shared liability model?

Security Experts Say That Hacking Cars Is Easy
02/21/2016

Security researchers from the University of Washington and the University of California, San Diego took to the stage at a conference on Tuesday to describe how they were able to remotely break into vehicle electronics through an array of security holes. Speaking at the Enigma Security Conference in San Francisco, they discussed how cars have evolved over the years into computers on wheels that crafty hackers can penetrate under the right circumstances.


Home Security
02/19/2016

Security is the major concern for industry verticals such as commercial areas, residential areas, and public places. The major reasons behind this are the alarming crime rates on global basis and unethical practices. With regards to this, electronic security equipment is expected to find potential opportunities in this market.

The entry level of security solutions in the residential sector has been witnessing a rapid growth since the last few years. There are several factors that can be attributed to this growth, such as increase in home burglary rates, attractive insurance policies to residents for installation of security solutions, and growing number of smart phone and tablet users.

Despite the numerous advantages offered by home security systems, lack of awareness about technological encroachments and a high installment cost of security solutions are some of the important restraints toward the growth of the home security system solutions market. A rise in the awareness level among consumers and increased adoption of new technology for home security would gradually result in cost reduction of the solution, thus driving the market for home security solutions.

TalkTalk Cyber Security
02/17/2016

Last October broadband provider TalkTalk was hacked for the third time in the space of just a year. The company, which has around four million customers in the UK, was initially unable to confirm whether the stolen customer data was encrypted or not, fuelling public outrage and landing them with a total bill of £35 million as a result.
Unfortunately, this attack is not an isolated incident. It follows a long line of similar attacks that have recently affected companies as varied as Sony, Carphone Warehouse and the infamous Ashley Madison.

Security Debt Collectors and Data Miners
02/15/2016

Vehicle surveillance broker Vigilant Solutions has offered Texas law enforcement agencies free access to its massive automated license plate reader databases and analytical tools— but only if the police give Vigilant access to all of their data on outstanding court fees and hand the company a 25 percent surcharge from money collected from drivers with outstanding court fines. Vigilant also gets to keep a copy of any license-plate data collected by the police, even after the contract ends, and can retain it indefinitely. The EFF warns that it turns police into debt collectors and data miners.





Current Blog

2016 Security Blog Archive
April Archive
March Archive
February Archive
January Archive

2015 Security Blog Archive
November / December Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2014 Security Blog Archive
November / December Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
Jan & February Archive

2013 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2012 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2011 Security Blog Archive

December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2010 Securty Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2009 Securty Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2008 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
July-August Archive
May-June Archive
April Archive
March Archive
February Archive
January Archive

2007 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2006 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive


Security Alerts
Locate security alerts, and security feeds via a security rss feed directory.