Security Port

Security Forums
Security Articles
Security Port Blog
Security Blogs
Security Books
Security Glossary
Security Definitions
Security Directories
Security Wikis
Security Tradeshows
Security Newsletters
Security Alerts
Buyers Guides
Security Newsgroups
Security Organizations
Submit Security Sites
Security Magazines
Security Feeds
Security News
Security Software
Security Products
Search Databases


Security Port
Contains relevant information that pertains to security related issues and solutions.

Security Port

A Security Port Blog
Turn your old Phone into a Security Camera
01/30/2015

The main thing you need is a smartphone (a tablet with a rear camera can work, too), a stand to keep the gadget upright and a monitoring app. Set up your gadget on the stand and point the camera in the direction you want to watch. Then start the app. If the app detects movement, it will alert you via email or text, take pictures of the thieves and even sound an alarm to scare them off.

If you already have an old smartphone or tablet lying around, you can be up and running in no time. You can also use your main smartphone if you want to guard something overnight while you are sleeping, like a hotel room door.

Russia and US Rift
01/29/2015

One of the greatest boons brought to the world by the end of the Cold War was the agreement been the US and the countries of the former Soviet Union to cooperate in securing the USSR’s vast nuclear arsenal.

Under the 1991 Cooperative Threat Reduction agreement, better known as the Nunn-Lugar programme after the two senators who persuaded Congress to pay for it 900 intercontinental ballistic missiles were destroyed, and over 7600 warheads were deactivated. Some 250 tons of bomb-grade fissile material, scattered across the disintegrating superpower, was locked up and put under guard, so it could not be stolen and sold to the highest bidder. Tens of thousands of former Soviet nuclear weapons scientists and technicians were found jobs and salaries to help reduce the incentives to offer their expertise to rogue states and terrorists.

All in all, a pretty big deal, whose benefits will only be fully appreciated in their absence.

Homeland Security issues blistering audit of security weaknesses at JFK
01/28/2015

The Department of Homeland Security has issued a blistering audit of security weaknesses at JFK Airport that sharply rebukes the TSA for stonewalling demands for data and trying to keep it secret from the public.

Gun Smuggling
01/27/2015

The authorities say that on Dec. 10, while 1.7 million other passengers were being routinely screened for weapons at security checkpoints in airports around the country, a man carrying a backpack containing 16 firearms with ammunition flew aboard a Delta Air Lines passenger jet to Kennedy International Airport in New York from Hartsfield-Jackson Atlanta International Airport. The suspect was arrested in New York that day after a monthslong investigation into gun smuggling to New York from Atlanta.

New Years Resolutions for Better Security in 2015
01/26/2015

The countdown is over and the confetti has been cleaned up. It is time to make resolutions for a better and improved me. Why should information security take a back seat to my health and personal goals? In 2015, I resolve to take charge of my data security and personal privacy.

What About 2014?
Before looking at my 2015 resolutions, I took a look at the list from 2014 to figure out how well I stuck to my goals. For my password I security, I resolved to use strong and complex passwords for everything, to adopt two-factor authentication where available, and to turn on protective features for mobile devices and networking gear. For networking security, I promised to download and install updates when they are ready and to run security software and tools. For my data security, I decided to encrypt my data while in transit as well as on my hard drive, and to back up data files regularly. And finally, I pledged to be careful about what kind of information I post online on social media platforms and what I save on cloud services.

Three Vulnerabilities That Rocked the Online Security World: 2014 in Review
01/23/2015

Three major vulnerabilities rocked the world of Internet security this year, including two high-profile bugs that jeopardized the security of HTTPS encryption itself. These vulnerabilities may have each cost sysadmins around the world some sleepless nights, but they also reinforced the idea that best security practices can protect users even where the software has bugs.

Cyber Security Professionals Predict Their Biggest Concerns For 2015
01/22/2015

With 2014 in the rear view mirror, it is fun to look forward to the year ahead and see if we can predict what may happen over the next twelve months. At the same time, predictions can prove to be very useful for businesses that are planning budgets and spending. So every December, cyber security experts begin to make their predictions on the future of information and network security.

FBI Bias
01/21/2015

The F.B.I. is subjecting hundreds of its employees who were born overseas or have relatives or friends there to an aggressive internal surveillance program that started after Sept. 11, 2001, to prevent foreign spies from coercing newly hired linguists but that has been greatly expanded since then.

The program has drawn criticism from F.B.I. linguists, agents and other personnel with foreign language and cultural skills, and with ties abroad. They complain they are being discriminated against by a secretive risk-management plan that the agency uses to guard against espionage. This limits their assignments and stalls their careers, according to several employees and their lawyers.

Employees in the program — called the Post-Adjudication Risk Management plan, or PARM — face more frequent security interviews, polygraph tests, scrutiny of personal travel, and reviews of, in particular, electronic communications and files downloaded from databases.

11 of the Biggest Home Security Mistakes
01/20/2015

1. Leaving doors unlocked.
2. Penny pinching when it comes to locks.
3. If you have a house alarm, use it. It should always be on.
4. Keep the garage locked at all times.
5. Do not leave ladders out.
6. Do not hide keys near the door.
7. Do not leave windows open.
8. Do not post your vacation plans or adventures on Facebook, etc....
9. Do not leave intact boxes, that expensive items like flat screen TVs came in, outside for trash pickup.
10. Make sure your valuables are not visible through windows.
11. Keep your house looking occupied at all times while you are away:

11 predictions for security in 2015
01/19/2015

Nation states vs. private sector
Nation-state cyber-attacks will continue to evolve and accelerate but the damage will be increasingly borne by the private sector.

The rise of integrated threat intelligence
Device revenue growth of almost 30% will create new vulnerabilities and security demands relating to both physical and digital environments. The expected convergence of IoT security and information security technologies, along with increased regulatory activity directed at protecting critical infrastructure, will drive demand for integrated threat intelligence capabilities, including IoT-related threat data feeds.

More money, much more scrutiny
Security budgets will see double-digit growth in sectors outside of banking and the defense industrial base.

The quest for a uniform threat language
The drive toward a common framework adopting a uniform language, such as Structured Threat Information Expression, will accelerate as a result of the complexity and challenges brought by the need to integrate IoT security data inputs for indicator of compromise (IOC) detection.

Pragmatic privacy
A maturing privacy debate will become more pragmatic and balanced. Prospects for responsible privacy policies and intelligence sharing legislation that would better protect our privacy may improve.

How CIA Spies Get Through Airport Security Without Blowing Cover
01/16/2015

A 2011 internal CIA manual that instructs operatives on how to get through some of the world's toughest airport security screenings without blowing their cover was released by Wikileaks this week.

The Top 15 Security Predictions for 2015
01/15/2015

1)      Symantec: Symantec led with this infographic offering ten 2015 security predictions – with attacks on the Internet of Things (IoT) and smart home attacks as their #1 item.

2)      Websense: After Websense analyzed the accuracy of their 2014 predictions, they led with healthcare data concerns on top of their Websense 2015 list.

3)      McAfee: McAfee Labs offered these 2015 threat predictions with percentages in an infographic form. They lead with state-affiliated cyber espionage attacks increasing in frequency.  

4)      FireEye: FireEye predicts we will see more mobile and web-based viruses, along with ransomware and Point-of-sale (PoS) attacks. They also point to big incident response failures coming.

5)      Trend Micro: Trend Micro offers an impressive (and free) 23-page PDF listing eight 2015 security trends. Some are scary, such as:Targeted attacks will become as prevalent as cybercrime. Some are obvious: New mobile payments will introduce new threats.

6)      Kaspersky: Kaspersky leads with how cyberattack tactics are changing with cybercriminals merging with APT groups.

7)      Sophos: Sophos was the most optimistic, leading with: Exploit mitigations reduce the number of useful vulnerabilities.

8)      We Live Security: Welivesecurity.com offered their list of trends and security predictions, which reads a lot like the other lists.

9)      Network World: Network World’s Jon Oltsik offers a very different list, which leads with the serious impact coming from the cyber skills shortage.

10)   CIO Magazine: CIO Magazine offered these 5 information security trends that will dominate 2015.

11)   GovCloud Network: Kevin Jackson, the CEO of the GovCloud Network, offered these interesting predictions on a wide range of items over at Dell.com. How about: Privacy will be more important than security?

12)   Computer Science Corporation: Tom Patterson, the cybersecurity leader at Computer Science Corporation (CSC), offered ten (kinda) trends that he called predictions at CSO Online. A helpful list. I like #8 – Transnational Crime Becomes More Concerning than Governments.

13)   Business Insider: Business Insider offers nine tech predictions worth considering for 2015 – and #4 states that the cyberattack era is just starting.

14)   Forbes: Forbes writer Jim Blasingame reports, “he Sony hack and subsequent corporate cyber-terror threat by North Korea will for the first time in history manifest in cyber-security practices of corporate America being elevated to de facto national security concerns.

15)   Business Spectator: The Business Spectator in Australia offers these five interesting tech trends that affect security – especially identity management and biometrics.  

Security in 2015: Will you care about the next big breach?
01/14/2015

Will 2015 be the year we learn to care about who to trust with our personal data? Experts have some dour thoughts on what's coming, even as US stores begin to support credit cards with more secure computer chips. There's going to be heightened risks from old threats like email phishing attacks, and new threats posed by the Internet of Things, the idea of having appliances, objects, and electronic devices all connected to each other and the Internet. Here is what to expect next year.

Smarter credit cards

Credit cards containing a computer chip and requiring a separate personal identification number are commonplace in many other developed countries, but have been held back in the US in large part because of the costs. Financial institutions have to pay more to make the new cards, and it's expensive for retailers to upgrade their payment terminals to accepted chipped cards. But they are expected to decrease some types of credit card fraud, a problem with current swipe-and-signature cards, because the chips are harder to counterfeit, according to a report from the financial research firm Aite Group.

Phishing goes mobile

Another risk that could get worse next year are phishing attacks, or malicious emails that try to trick you into clicking on a link, according to Steve Durbin, managing director of the Information Security Forum.

Testing Security
01/13/2015

On an early Monday morning when few people were around, Virginia Sams slipped a gun-shaped object into her sock and walked through a metal detector. She took one step back and one step forward, a quick march over a battle line of sorts. The machine reacted angrily, with beeps and blinking red lights.

The Transportation Security Administration supervisor repeated the choreography again, with a few adjustments: She moved the prop up and around her uniformed body more than a half-dozen times, ending the exercise at the top of her head. The machine again loudly protested.

Cyber Attacks
01/12/2015

There were almost 61,000 cyber attacks and security breaches across the entire federal government last year according to a recent Obama administration report.

And the number of cyber incidents involving government agencies has jumped 35 percent between 2010 and 2013, from roughly 34,000 to about 46,000, according to another recent report by the Government Accountability Office.

Top 5 cyber security mistakes to avoid online
01/09/2015

Gift cards were a popular Holiday present this year. But those who plan to redeem those cards online need to take some precautions.

Security experts have a few tips to keep hackers from getting your information.

Misake #1 Internet security expert Jeff Barto says shopping via public WiFi is one the top 5 cyber security mistakes people will make this holiday season. If you have to shop on the go he says turn your WiFi off and cell phones data network.

Mistake #2 is using an old version of your browser. The browser is the icon you click to use the Internet, Explorer, Firefox, Chrome. Now most update automatically but to check if you're using the most current version, simply go to www.whatbrowser.org.

Other mistakes include clicking on pop-up ads and searching for anything with the word cheap. The results could lead you to sites run by counterfeiters or companies without proper security protocols.

Which brings us to Mistake #5: forgetting to look for the s. Never enter your credit card number or personal information unless the website address starts with h-t-t-p-s.

Cyber Security May Be A Good Sector To Invest In For 2015
01/08/2015

Cyber Security stocks should continue to perform very well in 2015.
Recent breaches in the security of some major corporations show the need for more vigilance.

As we get closer to the start of the new year, many of us are thinking about where to invest our cash. Which companies or sectors are going to perform well in 2015, regardless of what the overall market does?

New Study May Add to Skepticism Among Security Experts That North Korea Was Behind Sony Hack
01/07/2015

On Wednesday, one alternate theory emerged. Computational linguists at Taia Global, a cybersecurity consultancy, performed a linguistic analysis of the hackers’ online messages — which were all written in imperfect English — and concluded that based on translation errors and phrasing, the attackers are more likely to be Russian speakers than Korean speakers.

Such linguistic analysis is hardly foolproof. But the practice, known as stylometry, has been used to contest the authors behind some of history’s most disputed documents, from Shakespearean sonnets to the Federalist Papers.

Why Apple Pushed Its First Automatic Mac OS X Security Update This Week
01/06/2015

Earlier this week, Apple pushed its first automatic security update to Mac users. The security update plugged a vulnerability in the OS X operating system connected to the network time protocol. Security experts discovered that the vulnerabilities in the NTP could have been exploited by hackers to gain remote control of Mac computers. The network time protocol is used to synchronize clocks on Mac computers.

Cyberattacks used Security Software to Cover their Trail
01/05/2015

State-sponsored hacking attempts frequently rely on specially written software, but that is a risky move. Unless it is well-made, custom code can be a giveaway as to who is responsible. Attackers are switching things up, however. Security researchers at CrowdStrike and Cymmetria have discovered that a likely cyberwarfare campaign against military-related targets in Europe and Israel used commercial security software to both cover its tracks and improve its features. Typically, the attacks would try to fool people into installing rogue Excel scripts through bogus email. If anyone fell for the ploy, the script installed malware that also grabbed parts of Core Security's defense assessment tool in its attempt to throw investigators off the scent. That is no mean feat -- Core has copy protection and digital watermarks to prevent the software from winding up in the wrong hands, so the perpetrators clearly went out of their way to use it.

Beyond your Grandfathers Security System: How New Security Technology can Improve your Bottom Line in 2015
01/02/2015

There continues to be a lot of discussion surrounding the topic of cyber security for businesses of all sizes. But today, physical security and cyber security are no longer separate entities – they have converged such that one effort to defend can not be successful without the other. This reality is especially notable for entrepreneurs, who need to know how to best protect assets with as few resources as possible.

Gone are the days when physical security technology consisted solely of a clunky camera in the corner of a business. Modern businesses, no matter their size, require an integrated approach to security that enables on-the-go access and sophisticated operational visibility to unlock intelligence from the inside out.

Here is why entrepreneurs and small businesses should keep physical security top-of-mind in 2015, along with best practices to not only complement cyber security measures, but also to contribute to a business bottom line.

Googles Nest May Partner With ADT
01/01/2015

Googles Nest may be partnering with the worlds largest home security firm, ADT  in a move that could signal the companys interest in ramping up its presence in home security services, according to a conversation Forbes had with ADT CEO Naren Gursahaney.

The two companies are working to connect Nests internet-connected home products–a thermostat as well as smoke and carbon monoxide alarm–with ADTs Pulse system that allows its customers to control their security system through a mobile app.

Critical decisions after 9-11 led to slow, steady decline in quality for Secret Service
12/31/2014

The Secret Service began struggling to carry out its most basic duties after Congress and the George W. Bush administration expanded the elite law enforcement agency’s mission in the wake of the Sept. 11, 2001, terrorist attacks.

According to government documents and interviews with dozens of current and former officials, the recent string of security lapses at the White House resulted from a combination of tight budgets, bureaucratic battles and rapidly growing demands on the agency that have persisted through the Bush and Obama administrations in the 13 years since the attacks. At the same time, the Secret Service was hit by a wave of early retirements that eliminated a generation of experienced staff members and left the agency in a weakened state just as its duties were growing.

Car Hacking is Filled With Potential Issues
12/30/2014

Safety and security features can be exploited by hackers to steal information, extort money or even control vehicles, motoring experts have warned.

Modern cars are being fitted with internet connections and wireless networks to allow for music streaming, internet searches and news updates.

Through these, hackers can access and control a vehicle's systems, including steering, braking and acceleration, according to experts.



Current Blog

2015 Security Blog Archive
January Archive

2014 Security Blog Archive
November / December Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
Jan & February Archive

2013 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2012 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2011 Security Blog Archive

December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2010 Securty Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2009 Securty Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2008 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
July-August Archive
May-June Archive
April Archive
March Archive
February Archive
January Archive

2007 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2006 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive


Security Alerts
Locate security alerts, and security feeds via a security rss feed directory.