Security Port

Security Forums
Security Articles
Security Port Blog
Security Blogs
Security Books
Security Glossary
Security Definitions
Security Directories
Security Wikis
Security Tradeshows
Security Newsletters
Security Alerts
Buyers Guides
Security Newsgroups
Security Organizations
Submit Security Sites
Security Magazines
Security Feeds
Security News
Security Software
Security Products
Search Databases


Security Port
Contains relevant information that pertains to security related issues and solutions.

Security Port

A Security Port Blog
Apple opens up on how it approaches security following FBI battle
05/30/2016

In a press briefing Friday, Apple discussed how security works on the iPhone and iOS. The meeting, which was often technical, shed insights into its broader approach to security.

Although the meeting was not specifically about the battles the company has had with the FBI and parts of the U.S. government – including cases in San Bernardino and Brooklyn – that conflict was still the elephant in the room.

Still, Apple insists its goal with iOS and iPhone security is not about protecting users from the government, it is about protecting users from hackers.

Cloud computing is everywhere, and so are frayed nerves about
05/27/2016

However, while cloud is apparently everywhere, so is a great deal of nervousness around security. A majority of enterprise IT leaders (77 percent) note that their organizations trust cloud computing more than a year ago, but only 13 percent completely trust public cloud providers to secure sensitive data.

Add to that a lack of awareness of what vulnerabilities may still exist. A majority of respondents, however (72 percent), list compliance as the primary concern across all types of cloud deployments, and only 13 percent of respondents actually know whether or not their organizations stored sensitive data in the cloud. In addition, fewer than one-quarter (23 percent) of enterprises are aware of data breaches with their cloud service providers.

Senate to Americans: Your security is not our problem
05/25/2016

The Senate Intelligence Committee just released a draft of long-awaited legislation to tackle the problem authorities have with encrypted communications. Namely, because encryption is so secure, it interferes with court orders in the same way private property poses problems for police who just want to get things done.

The Compliance with Court Orders Act of 2016 authored by Sens Richard Burr, R-N.C., and Dianne Feinstein, D-Calif., mandates companies to shoulder the technical burden of accessing encrypted emails or files when investigators issue court orders.

Making sense of enterprise security
05/23/2016

Human beings have a tendency to do things with technology that go beyond original intent, and this inclination should be celebrated. After all, technology continues to drive radical innovation, whether in the form of new applications, use cases or platforms.

Unfortunately, it is also this type of behavior that makes security such a difficult problem. As individuals and organizations leverage technology for intended and unintended uses, it becomes virtually impossible to foresee all threats and vulnerabilities that surface in the process. In other words, the issue with enterprise security is that, by nature, it is reactive. No system or asset can ever be fully secure.

7 Cybersecurity Tips For Lawyers
05/20/2016

This past week, the world learned about the big hack of Biglaw. If your employer was one of the almost 50 firms prestigious enough to be targeted by Russian hackers… congrats?

The targeted firms tended to be transactionally oriented; the apparent plan of the hackers was to obtain confidential, market-moving information and trade on it. But litigators should be concerned as well. As noted by Logikcull, the discovery automation platform, ediscovery is the next frontier for hackers.

It’s not clear that any information was actually taken or used for insider trading in the big Biglaw hack, but it might still generate headaches for the firms — in the form of litigation. Noted class-action lawyer Jay Edelson — known to the general public for suing tech giants, and known to Above the Law readers for suing ExamSoft (and winning a hefty settlement) — has announced plans to file class-action malpractice cases against various firms, alleging inadequate cybersecurity.

Meeting Cyber Security Challenges through Gamification
05/18/2016

When it comes to cybersecurity issues, we always seem to be dealing with either shortages or excess. Everywhere there is talk of how data breaches are growing in number, size, severity and cost, and there are always too many new security holes, vulnerabilities and attack vectors that need to be fixed.

On the other hand, there’s a widening cybersecurity talent gap to fill vacant posts. We never seem to have enough tools to deal with new threats and malware that are sprouting on a daily basis, and there’s not enough data to make smart assumptions and decisions (or in some cases, too much data and too many false positives to find the real threats). And awareness about security matters among employees, staffers and executives in firms, associations and agencies is always at abysmal levels.

With the dark shadow of bigger security incidents constantly looming on the horizon, both government agencies and private firms are always looking for new ways to meet the challenges and overcome the many shortages the cybersecurity industry is facing.

Looking to Improve Cyber Security? Fire some CEOs
05/16/2016

More than 90 percent of corporate executives said they cannot read a cybersecurity report and are not prepared to handle a major attack, according to a new survey.

More distressing is that 40 percent of executives said they don't feel responsible for the repercussions of hackings, said Dave Damato, chief security officer at Tanium, which commissioned the survey with the Nasdaq.

Better Cyber Security a must for Banking Sector
05/15/2016

Strengthening cyber security in the banking sector is a must, especially with regular innovations happening in the ICT sector, analysts said yesterday.

Almost all banks launched online services without taking proper precautions, and most of their IT systems are outsourced from private vendors, said Mahbubur Rahman, associate professor of Bangladesh Institute of Bank Manage-ment.

Lack of skilled manpower is a major problem in the banking sector, said Omar Farooq, head of IT at Eastern Bank.

They spoke at a programme on cyber security organised by PricewaterhouseCoopers (PwC) at Sonargaon Hotel in Dhaka.

Cyber Power
05/13/2016

The cyber revolution is at its height. The meeting point between the power of thought and connectivity is changing our world, and affecting all spheres of life, as individuals and as a nation. Israel's power in science and technology is creating a great opportunity to position ourselves in the forefront of cybernetic innovation.

Together with the opportunities, there are also risks. Everything is penetrable in the cyber era: our personal details, commercial and defense secrets, national infrastructure - anything can be stolen, disrupted and destroyed. The worst cyber attacks against organizations and countries in recent years around the world have taught us an obvious lesson - cyber defense is an essential condition for national security and economic growth in the 21st century.

Israel has been one of the first countries to prepare systematically and with determination for this challenge. Five years ago, I set the goal of making Israel one of the five leading global cyber powers.

5 Security Hacks That Simple Technology Could Have Prevented
05/11/2016

Passwords, which are designed to create security, have become the weakness that hackers have used in 85 percent of hacks over the last decade. These breaches can be very costly. Lots of companies, for instance, have lost millions of dollars in the past because of it. Some individuals have had their identities stolen. Many celebrities have gotten their images damaged. Worse still, some vital and top secret government information has equally gotten exposed due to these security breaches.

As a result, there is a movement in the tech security industry to move away from password-based security altogether. Wiacts is one of the firms pushing this move.

In a recent blog post, they named the top 10 hacks that their tech would have prevented. I asked Yaser Masoudnia, their CEO, to comment on some of those hacks. And below are what he had to say about them:

Airports Look at Technology to Extend Security
05/09/2016

The mass casualties caused by last week’s attacks in Belgium are spurring interest in tools to enable police to spot suicide bombers and other potential attackers from afar—as well as a warning that technology alone isn’t a fail-safe.

The blasts in the departures hall at Brussels Airport, which killed at least 16 people, showed the contrast between the wide-open landside of airports and the tightly secured airside, after passengers and their bags have been screened.

Long security lines await at American airports this summer
05/08/2016

Here is a maths question. If the number of people moving from point A to point B increases by 9%, and the number of gates they can pass through decreases by 10%, what happens to the time it takes for them to complete the process? On second thoughts, forget the maths. For airline passengers this summer, it is only important to know that it goes up. Way up.

This is essentially what has happened at Americas airports. In the past three years, the number of Transportation Security Administration (TSA) screeners has declined from 47,147 to 42,525. Over the same time period, the number of passengers has risen from 643m a year to more than 700m.

Police issue security warning over Santander cashpoints
05/06/2016

Police have warned people in Lancashire and Wilmslow, Cheshire, not to use Santander cash machines over fears they have been compromised.

The warning follows reports of suspicious devices on the bank’s machines across Lancashire last week.

Officers are concerned that criminals have targeted the machines in an attempt to steal card details and cash, and urged those who have lost money to contact the bank.

Fallout From The Nuclear Security Summit
05/04/2016

The Nuclear Security Summit that just ended Friday in Washington, D.C. wrangled over several thorny nuclear proliferation and terrorism issues, and involved over 50 countries. But the two countries on everyone’s mind were China and Russia. China, because they have started on the world’s largest nuclear build-up in 50 years. And Russia, because they decided not to attend at all.

The fourth Nuclear Security Summit, in the series begun by the Obama administration, showcased definite successes, particularly the significant global reduction in nuclear weapons, the global reduction in nuclear material stockpiles, the increased security on nuclear facilities, the dozen countries that are now free of weapons-grade materials, a newly-amended nuclear protection treaty, and the historic nuclear deal with Iran that has, so far, gone as planned.

How security pros blunted alleged Iran cyber attacks
05/02/2016

New criminal charges linking Iran to 2011-2013 cyber attacks on the U.S. put suspects' names and faces on an episode that plagued 46 banks and financial institutions nationwide — and hundreds of thousands of their customers.

Account holders who logged in online encountered blank screens, dropped connections or extremely slow responses, security experts said in interviews Thursday, hours after authorities announced indictments of seven suspects with ties to the Middle East nation's government and its Islamic Revolutionary Guard Corps.

Google Beefs Up Its Gmail Security Features
04/29/2016

Google is rolling out an updated security warning system this week for Gmail users that the company says is designed to make sure they do not fall victim to cyber attacks.

The first security warning will be triggered when a user clicks on a link in Gmail that Google suspects to be dangerous.

A second enhancement gives suspected targets of state-sponsored hacking attempts a full-page warning along with information on how to protect their accounts. The new full-page alert is in addition to Googles existing warning, which shows up as a red strip with a link at the top of a suspected victims Gmail page.

Suspected state-sponsored hacking attempts are rare and impact 0.1 percent of Gmail users, according to Google's online security blog.



Current Blog

2016 Security Blog Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2015 Security Blog Archive
November / December Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2014 Security Blog Archive
November / December Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
Jan & February Archive

2013 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2012 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2011 Security Blog Archive

December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2010 Securty Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2009 Securty Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2008 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
July-August Archive
May-June Archive
April Archive
March Archive
February Archive
January Archive

2007 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2006 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive


Security Alerts
Locate security alerts, and security feeds via a security rss feed directory.