Security Port

Security Forums
Security Articles
Security Port Blog
Security Blogs
Security Books
Security Glossary
Security Definitions
Security Directories
Security Wikis
Security Tradeshows
Security Newsletters
Security Alerts
Buyers Guides
Security Newsgroups
Security Organizations
Submit Security Sites
Security Magazines
Security Feeds
Security News
Security Software
Security Products
Search Databases


Security Port
Contains relevant information that pertains to security related issues and solutions.

Security Port

A Security Port Blog
American Competitiveness an Issues of Security
12/01/2012

The American Security Project released a new report analyzing the issues of our national competitiveness. The report clearly lays out urgent social, political and economic challenges and links these with our national security.

The report details the issues with: business climate; infrastructure; national debt; labor market and immigration; defense industrial base; and, education and healthcare.

Samsung Printer Vulnerability
11/29/2012

The United States Computer Emergency Readiness Team, part of the National Cyber Security Division of the Department of Homeland Security, has reported a vulnerability in certain Samsung printers that could allow a remote attacker to take control of an affected device.

According to a newly released vulnerability report, Samsung printers, as well as some Dell printers manufactured by Samsung, contain a hardcoded SNMP full read-write community string that remains active even when SNMP is disabled in the printer management utility. In plain English, there is a backdoor administrator account embedded in the printer's firmware that could enable a hacker to remotely control the device.

Data Security Concerns
11/28/2012

While organizations continue to adopt cloud computing solutions, data security remains an issue, according to survey of enterprises commissioned by Asigra and performed by the customer metrics and research organization, TechValidate.

The survey found 21 percent of respondents cited data security as the biggest concern while the location of where the data was stored came in at 7 percent. Backup related costs, user-related data loss and service provider stability all ranked at 3 percent. Overall, 59 percent said that all of these were concerns with respect to storing data in the cloud.

Microsoft 8 Is Not Invulnerable
11/21/2012

Microsoft Windows 8 has gotten some good grades from many security pros, but the operating system's defenses are not invulnerable to todays malware, a BitDefender study has found.

State Computer Security
11/20/2012

A month after state officials learned of a massive data breach at the Department of Revenue, officials are still discussing what security measures to take to protect all of the states computer systems.

Email Access
11/19/2012

Some of the most powerful foreign spy agencies would love to have an opening, however small, into the personal email account of the man who runs the U.S. spy service.

The beginning of the end came for CIA Director David Petraeus when Paula Broadwell, with whom he was having an affair, started sending harassing emails to another woman. The emails were traced to Broadwell and eventually led the FBI to discover the affair, U.S. officials said Saturday.

The FBI investigators were not pursuing evidence of Petraeus' marital infidelity, but their examination of his emails raised the possibility of security breaches that needed to be addressed directly with him.

Female Hackers
11/18/2012

Computer security conferences tend to be male-dominated affairs. It's not that women aren't present, but just not anywhere near their normal proportional representation in society.

A hacking contest only for women was held at the Power of Community (POC2012) security conference in Seoul.

To address the disparity, the Power of Community (POC2012) security conference in Seoul held the final round of a hacking contest on Thursday appropriately called the Power of XX, a women-only skills battle intended to spur interest in the field and also at a level that was not overwhelming.

Secure Blackberries
11/17/2012

Research in Motion has won key government security certification for its BlackBerry 10 operating system months ahead of its launch, allowing the smartphone to be used in secure government workplaces.
The FIPS 140-2 certification signals that U.S. and Canadian government agencies, along with private firms, can deploy BlackBerry 10 smartphones as soon as they launch, with a guarantee that data stored on the devices is appropriately secured and encrypted.

Clever Online Criminals
11/16/2012

Online criminals are becoming ever cleverer in their quests to separate us from our money, with Symantec issuing its top security threat predictions for 2013 to warn us of the danger and help us fight back against ransomware, madware and more!

With technology such an integral, embedded and highly connected part of our everday lives, it should come as no surprise to see that criminals are finding ever newer and more effective ways to hold our digital lives and data to ransom.

Twitter Security
11/15/2012

If you know anything about phishing, you know that a common tactic is to send an email -- under the guise of a commonly used service -- that includes some kind of provocative come-on. Sometimes the email will say that an account has been compromised and that a password reset is required. The idea is to get people to click through to a site and give up their personal info.

But what if a real company sends a real email warning to users that they may have been compromised by a phish from a fake company using a bogus email? Confused?

So were Twitter users on Thursday after all of this happened to them. Here are five things you should know about the alleged Twitter hack, and some things you can do to stay safe (or at least safer).

Hacked at a Security Conference
11/14/2012

A European official says her staff members were hacked when they joined her for a conference on Internet security in Azerbaijan.

European Commission Vice President Neelie Kroes said in a blog post Saturday that her advisers' computers were compromised as they attended a meeting of the Internet Governance Forum in Baku, the Azeri capital.

Her spokesman, Ryan Heath, said the attack occurred while they were in their hotel.

Heath said he and a colleague got messages from Apple Inc. warning them that their computers had been accessed by an unauthorized party, something he said he believed was an attempt to spy on him.

How Much Access Was Granted?
11/13/2012

The Associated Press reports that some in the CIA had worried at how freely their director had invited her into his world, and at the spotlight-seeking Broadwells care with what she learned.

But her access was unsettling to members of the secretive and compartmentalized intelligence agency, where husbands and wives often work in different divisions, but share nothing with each other when they come home because they do not need to know.

Who Will Become Head of the CIA?
11/13/2012

So who might be the replacement for David Petraeus? The rumor mill was in full swing Friday after the CIA director stepped down, saying he had an extramarital affair.

One person being discussed is Michael Morell, the now acting CIA director, who could be named to the position permanently.

Sex and National Security
11/12/2012

The scandal that brought down CIA Director David Petraeus started with harassing emails sent by his biographer and paramour, Paula Broadwell, to another woman, and eventually led the FBI to discover the affair, U.S. officials told The Associated Press on Saturday.

Petraeus quit Friday after acknowledging an extramarital relationship.

The official said the FBI investigation began several months ago with a complaint against Broadwell, a 40-year-old graduate of the U.S. Military Academy and an Army Reserve officer. That probe led agents to her email account, which uncovered the relationship with the 60-year-old retired four-star general, who earned acclaim for his leadership of the wars in Iraq and Afghanistan.

Shoppers Beware of Security Theft
11/13/2012

Internet retailers expect more than 50 percent of all holiday purchases to be made online this year. So, how can one buy online safely without being taken to the cyber cleaners?
Twelve simple tips for online holiday shoppers:

Security Threats from 100K Android Apps
11/13/2012

A mobile security report from security vendor Bit9 said that 100,000 applications it examined on Google Play were questionable or suspicious due to the types of permissions they requested, the reputation of the applications publisher and other factors.

Whitey Bulger Hospitalized
11/12/2012

Security has been heightened at Boston medical Center due to the admittance of a high-profile inmate, Whitey Bulger.

Massachusetts State Corrections officers are working in shifts at Boston Medical Center while Whitey Bulger is there for treatment.

Sources tell 7News that U.S. marshals are also inside guarding the 83-year-old former mob boss. Bulger was reportedly brought in this morning, four months before his trial is set to start.

Microsoft Off the List of Security Threats
11/11/2012

Microsoft has suffered through more than a few security embarrassments over the years, but at least according to Kaspersky Labs, the Redmond based software giant is back in control. The security researchers have named the top 10 offending companies/products, and for once, Microsoft has been knocked off the list thanks to improvements in Windows 7 & 8. Automatic update mechanisms are citied as the top reason for the high profile exclusion, and have indeed done an amazing job of keeping hackers at bay.

Irans Threat
11/10/2012

Irans quest for a nuclear weapon has been the subject of much debate this election season, but the presidential candidates rarely discuss the most imminent danger Iran poses to the United States: cyberwarfare.

Iran is believed to be behind a slew of massive attacks in September that took down a string of U.S. banks websites. The country is also thought to have launched a devastating cyber time bomb on Saudi Oil company Aramco in August and to have coordinated a similar attack on Qatars RasGas, an Exxon Mobil.

The bank attacks were 10 to 20 times bigger than a typical denial of service attack, and doubled the previous record for traffic maliciously directed at a particular site, according to CrowdStrike, a security firm that investigated the attacks. The Aramco attack, set to go off on an Islamic holy night, unleashed a virus that destroyed about 30,000 corporate computers -- three-quarters of the companys PCs.

Security and Android
11/09/2012

Android 4.2 offers improved protection from rogue apps installed via third-party stores.

As the Android operating system grows in popularity,  viruses, Trojans, and other nefarious apps targeting the OS are on the rise. Fortunately, the recently unveiled Android 4.2 brings with it the launch of the new and more powerful security system integrated into the operating system.

The core component of the new Android 4.2 security suite is a real-time app scanning platform  designed to check running apps before any rogue software can install any malicious code.

Interestingly, the new security features in Android 4.2 appear to fit well with various security measures that Google implemented on the Play Store earlier this year. Indeed, the security on the Google Play Store resides on the server side and constantly analyzes uploaded apps.

Fake Boarding Passes
11/08/2012

More than 11 years after the Sept. 11 terrorist attacks, it remains possible to use fake boarding passes to get through airport security checks, according to new evidence from security researchers and official documents.

The security vulnerabilities could allow terrorists or others on no-fly lists to pass through airport checkpoints with fraudulent passes and proceed through expedited screening. They could even allow them to board planes, security analysts warn.

The Washington Post was alerted to the vulnerabilities by concerned passengers and verified them through independent security experts. At the request of U.S. officials, The Post is withholding details that would make it easier for the vulnerabilities to be exploited.

Psychologists and Security
11/07/2012

Psychologists with an understanding of IT security is an asset to organizations in terms of helping craft corporate policies and profiling of where possible threats may emerge. However, there is a limit to what they bring to the table and how effective they can be in deterring or fighting against online risks.

Joseph Steinberg, CEO of security firm Green Armor Solutions, had suggested enterprises leverage the expertise of psychologists when it comes to enhancing their cybersecurity posture. This is because many modern online attacks exploit human weaknesses, and these psychologists can help prevent these, he noted.

Psychologists understand how the human mind works and what types of information is easily retained, so they will be able to help design anti-phishing technologies that will be more effective than technologies designed solely by engineers, Steinberg explained.

US Election!
11/06/2012

US Election Day! Be sure to vote if you are a US citizen of voting age.

Benghazi Security
11/05/2012

Benghazi has been the loudest specific foreign-policy difference of the campaign, and it keeps getting more serious.

The administrations line on Benghazi has been plainly false. John McCain has called it worse than Watergate. He is right. Basic executive-branch responsibilities have been neglected. Deaths have resulted.

The information developed last week by Fox News correspondents, indicating repeated refusals of real-time help for our besieged people in Benghazi, adds a new dimension to the issue. Critics now speak of mistakes and mendacities before, during, and after the attack. In this panoramic context, we see a pattern: pre-attack negligence and reticence, in-attack negligence and reticence, post-attack mendacity. And, going further back, we can find pre-intervention reticence as well. And intra-intervention reticence. A continuous syndrome over months and years, one that indicates a continuous motivating cause, not a mistake in the sense of an accident.

Easing Security on Fuel
11/05/2012

Homeland Security Secretary Janet Napolitano on Friday temporarily waived a maritime rule to allow foreign oil tankers coming from the Gulf of Mexico to enter Northeastern ports to help ease a fuel shortage in the areas hardest hit by Superstorm Sandy.

Napolitano waived — until Nov. 13 — the Jones Act. This law prohibits international cargo ships from transporting oil and other cargo between U.S. ports until Nov. 13.

Credibility Online
10/30/2012

Credibility online is becoming more and more of an issue. Anyone can have a blog or post to a forum and anyone can edit wiki entries. Web surfers are beginning to comprehend that just because it is in print does not necessarily mean that it is true. In fact, in today's online world, the collective truth might be the closest thing we can get to the real truth. Peer policing and social bookmarking have become common in the online world.

Credibility Online

Anonymity of the Internet
10/29/2012

Attempting to legislate the Internet will not work, as the Internet is global and covers areas where no single governments rule applies. The jurisdiction issues make the Internet a haven for fraudulent and illegal activity.

Child exploitation and the rise of Internet related crimes is increasing. Child exploitation has no boundaries; pedophiles exist in every socioeconomic, ethnic and religious community. Consider these statistics, 20% of children online are approached sexually online. 89% of those advances take place over instant messaging. Online predators prowl, rebellious teenagers are opportune targets, and shared personal details often make them become victims.

Anonymity of the Internet

Airport Security
10/28/2012

Airport security needs to undergo a radical overhaul or else passengers will become further disgruntled, lines will grow and terminals will be overwhelmed, airline executives said Tuesday at a global aviation conference.

Spy on Your Competition
10/27/2012

It is important to realize that while monitoring your competitors is essential, it could easily become an obsession. Therefore, it is crucial that you strike a balance when incorporating it into your business plan. There are several ways to conduct successful stealth competitive intelligence operations. While it is fanciful to imagine yourself as a secret agent or spy, none of these techniques are difficult, hidden or secretive. In fact, most of them are tools or services available to all businesses.

Spy on Your Competition



Current Blog

2012 Security Blog Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2011 Security Blog Archive

December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2010 Securty Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2009 Securty Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2008 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
July-August Archive
May-June Archive
April Archive
March Archive
February Archive
January Archive

2007 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2006 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive


Security Alerts
Locate security alerts, and security feeds via a security rss feed directory.