Security Port

Security Forums
Security Articles
Security Port Blog
Security Blogs
Security Books
Security Glossary
Security Definitions
Security Directories
Security Wikis
Security Tradeshows
Security Newsletters
Security Alerts
Buyers Guides
Security Newsgroups
Security Organizations
Submit Security Sites
Security Magazines
Security Feeds
Security News
Security Software
Security Products
Search Databases


Security Port
Contains relevant information that pertains to security related issues and solutions.

Security Port

A Security Port Blog
Australian Senator Brings a Bomb
05/27/2014

An Australian senator stunned fellow politicians after bringing explosives into a session, saying he had brought this through security: a pipe bomb, which brought gasps from stunned onlookers.

Senator Bill Heffernan wanted to make a point about relaxed security in the building. The 71-year-old wheat farmer has been warning for months about a rising security risk facing the $1 billion building.

Under a 12-month trial, hundreds of MPs, senators, political and departmental staff no longer need to be scanned by metal detectors or have their bags checked.

SnapChat Security Fail
05/23/2014

If Snapchats promise of self-destructing videos and images sounded too good to be true, that is because it was. The company agreed to settle charges with the Federal Trade Commission on Thursday following allegations that it made several misrepresentations to consumers about the apps security and privacy.

Security Council Exposes Failings
05/22/2014

Since the beginning of the year, the Security Council has discussed Syria no fewer than 18 times and devoted 13 more sessions to Ukraine.

That remains about the most substantive action the Council has taken to resolve the conflicts, which flourish unabated. The Council has come up with no diplomatic road maps. In the case of Syria, Russia has vetoed three resolutions in three years.

The Council has been dismissed as toothless before, precisely over the right of its five permanent members to block any measure with a veto. But the paralysis over Syria has marked a new level of dysfunction, experts say, and has given a fillip to those who call for a fundamental shake-up of the Councils composition and rules of engagement.

Bitly Encourages a Password Change
05/21/2014

Link-shortening and tracking tool Bitly is urging users to reset their passwords amid a security scare that surfaced late Thursday night.

Suggested that Companies Share Security Information
05/20/2014

The Justice Department is issuing new legal guidance encouraging companies to share cyber-security information with each other and the government, while protecting the privacy of their customers.

U.S. authorities are concerned about the sharp rise of computer-based crime, which siphons billions of dollars from companies and individuals, and could pose major national security and economic harm.

What Did the Nigerian Government Know?
05/19/2014

What did the Nigerian government know about the mass abduction of schoolgirls by Boko Haram militants, and when did it know it?

Those are the tough questions being asked after an explosive report made public Friday accused Nigerian military commanders of knowing the terror group was on its way to raid a boarding school in the town of Chibok at least four hours before 276 girls were abducted.

The findings by human rights group Amnesty International echo accounts of a number of the parents and villagers, who have described to CNN an ineffective military response in the days and weeks after the girls were abducted.

Windows XP Security Issues - Already
05/17/2014

Microsoft warned many of its customers that they were on their own earlier this month when it stopped supporting XP, an older but still widespread version of its Windows operating system. The software remains functional, but Microsoft will not fix its newly discovered security holes, leaving those who have not upgraded to a newer version vulnerable to a future hacking attack. It did not take long to find one.

Using Heart Bleed to Target Hackers
05/16/2014

Anti-malware researchers have turned the tables on cyber criminals by using the Heartbleed bug to gain access to online forums where hackers congregate.

The bug is a flaw in a key piece of security technology used by more than 500,000 websites had been exposing online passwords and other sensitive data to potential theft for more than two years.

Among the websites affected by the bug were private, password-protected hacker forums, Steven K, a French anti-malware researcher, told the BBC. The researcher said he was able to gain access to the sites by using specially-written tools to target them.

AOL Security Flaw
05/15/2014

If you are an AOL user, you may want to reset your email password and security question ASAP. Today AOL wrote to notify users that the company is investigating a security incident that involved unauthorized access to AOLs network and systems.

AOL began its investigation after noticing a suspiciously large number of spam emails that fell under the spoofing category. Spoofing is a technique by which spammers trick users into clicking on their toxic emails by making it appear that it is from somebody from your address book. AOL is not sure who is behind the criminal activity, but says that an investigation is underway.

Flier on Flier Theft
05/14/2014

Passengers are especially vulnerable at checkpoints since they must place personal belongings like cell phones, wallets and metal jewelry in bins to go through security screening. That is apparently too tempting for some, who try to secretly lift other fliers valuables from the bins during the security process.

OpenID Security Flaws
05/13/2014

Following the major Heartbleed security issue that affected millions of websites, a different vulnerability has been discovered that could have allowed hackers to steal certain personal data from users. CNET reports that a security flaw in the OAuth and OpenID online login protocols could be used to steal data and redirect users to malicious websites.

Microsoft Security Fix
05/12/2014

Microsoft issued a fix on Thursday for a security flaw in Internet Explorer that led the Department of Homeland Security to suggest users change browsers until the problem was solved.

The fix updates the computers of all users of the Windows operating system who have automatic updates turned on, the company said on its security response page.

DIY Security
05/11/2014

From kits to cameras to all-in-one units, the new generation of do-it-yourself security is smarter, simpler, and more affordable than anything you have seen before.

Installing a home security system used to mean spending hundreds of dollars to have professionals come and hardwire your house, signing a long-term contract, then paying huge fees month after month in order to keep the thing running. Systems were not flexible, false alarms were frequent, and if you were a lowly renter, you were out of luck -- despite the fact that rental units get burglarized more often than any other kind of property.

Large Boston Security Drill
05/10/2014

The largest security training exercise in Bostons history kicked off  last Saturday at 8 a.m. with a simulated active school shooter drill in Brookline. It will continue with other drills during 24 hours and involve about 2,000 state and local personnel.

Over 600 Gang Arrests
05/09/2014

More than 600 suspected gang members have been arrested in the Homeland Security Department's largest crackdown on street gangs, Immigration and Customs Enforcement officials said Thursday.

ICE agents, along with local authorities in 179 cities, arrested 638 suspected gang members over a monthlong period in March and April.

ICE said 78 suspected gang members were arrested on federal charges while 447 others currently face only state charges. ICE arrested 113 others on administrative immigration charges.

More than 400 of those arrested had violent criminal histories, including seven people wanted on murder charges. ICE did not identify all those arrested or the charges they face.

Covert Redirect Flaw
05/08/2014

Following in the steps of the OpenSSL vulnerability Heartbleed, another major flaw has been found in popular open-source security software. This time, the holes have been found in the log-in tools OAuth and OpenID, used by many websites and tech titans including Google, Facebook, Microsoft, and LinkedIn, among others.

Wang Jing, a Ph.D. student at the Nanyang Technological University in Singapore, discovered that the serious vulnerability Covert Redirect flaw can masquerade as a log-in popup based on an affected site's domain. Covert Redirect is based on a well-known exploit parameter.

For example, someone clicking on a malicious phishing link will get a popup window in Facebook, asking them to authorize the app. Instead of using a fake domain name thats similar to trick users, the Covert Redirect flaw uses the real site address for authentication.

Emergency Security Council Meeting on Ukraine
05/07/2014

The U.N. Security Council on Friday for the 13th time failed to take action on the growing crisis in Ukraine, with Russian ambassador Vitaly Churkin demanding a swift halt of all violence and Western powers scoffing at his countrys indignation.

Council members accused Russia of equipping and funding the pro-Russia forces that have seized government buildings in 10 eastern cities. Ukraine on Friday launched its first major offensive against the insurgency.

What is MIT Lincoln Labs?
05/06/2014

MIT Lincoln Laboratory is a federally funded research and development center chartered to apply advanced technology to problems of national security.

Hacking
05/05/2014

What do you get when you bring a couple of former National Security Agency analysts to Silicon Valley?

A crowdsourced platform for hacking into customers' security holes and $7.5 million in funding.
Synack, the Menlo Park, Calif.-based company started by former NSA agents Jay Kaplan and Mark Kuhr, announced this morning that it secured Series A funding.

Here is how it works: Synack finds and vets a worldwide network of security specialists -- you might know them as white-hat hackers -- and gives them financial incentives to find security holes. The researchers, some of whom are other former NSA employees, then use a controlled testing environment to try and infiltrate customers systems and pinpoint vulnerabilities. Synack makes money by charging a flat subscription rate to its customers, regardless of the researchers findings.

Google Login Security
05/02/2014

Google application developers are being urged to upgrade all of their applications to the OAuth 2.0 authorization protocol for Google APIs so that users are better protected when they log in to their accounts.

Google is asking developers who build applications using Google APIs to update their apps to the latest OAuth 2.0 authorization protocol so that user log-ins will be as secure as possible in the future.

Smart Wearables Pose Risks
05/01/2014

From thermostats, to TVs, gaming consoles, baby monitors, microwaves and even smart refrigerators, cyber criminals are hacking into a growing selection of smart devices, stealing personal information, infecting other devices and spreading malicious content.

These new security issues led Trend Micro, a business security specialist, to offer consumers a list of tips that could help prevent their personal information from being compromised. To ensure smart appliances stay protected, the company recommends users correctly install and set up the device, making sure to set a secure password for the appliances connectivity. The company also advising against leaving the password set to the appliances default password.

Consumers are also advised to steer clear from opening emails from unknown senders, which will ensure users do not open malicious spam emails sent from hacked appliances.

Basic Home Security
04/30/2014

Seattle resident Steve Hollis spends his days working for Amazon. You’d think working for Jeff Bezos moonshot factory would satiate the Canadians hunger for disrupting the status quo, but as it turns out, Hollis has a moonshot in mind of his own.

For the last few years, he and a couple partners have been working to create an ultra low-cost home security solution called Korner. Korner uses a patent-pending single piece sensor design that can be self-installed in minutes and allows for monitoring and communication via a smartphone app.

Satellite Security
04/29/2014

Satellite communication terminals, relied upon by US military aircraft, ships, and land vehicles to move in harmony with one another, are susceptible to cyber-attack through digital backdoors and other vulnerabilities, according to a new report that has sent a tremor through the global satellite telecommunications industry.

The report by IOActive, a Seattle-based cyber-security firm, arrives amid heightened concerns over a surge in cyber-attacks against satellite communications systems and vendors worldwide, industry experts say.

According to the IOActive report, a forensic security analysis of computer code buried inside the circuit boards and chips of the worlds most widely used SATCOM terminals found multiple potential hacker entry points. Many terminals use small dishes or receivers that ride on the roof of a military vehicle, the bridge of a ship, or inside a troop transport aircraft, the report said.

Android Trojan
04/28/2014

An Android Trojan app that sends SMS messages to premium-rate numbers has expanded globally over the past year, racking up bills for users in over 60 countries including the U.S., malware researchers from Kaspersky Lab said.

The malware program, which Kaspersky products detect as Trojan-SMS.AndroidOS.FakeInst.ef, dates back to February 2013 and was originally designed to operate in Russia.



Current Blog

2014 Security Blog Archive
May Archive
April Archive
March Archive
Jan & February Archive

2013 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2012 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2011 Security Blog Archive

December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2010 Securty Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2009 Securty Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2008 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
July-August Archive
May-June Archive
April Archive
March Archive
February Archive
January Archive

2007 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2006 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive


Security Alerts
Locate security alerts, and security feeds via a security rss feed directory.